Watch Jobs
浏览职位数据统计洞察报告招聘观察探索企业购买与订阅
我的收藏免费试用登录注册

Watch Jobs

我们专注于实时追踪各企业最新职位动态,帮助您节省求职时间,快速找到理想工作机会。

探索

  • 浏览职位
  • 数据统计
  • 洞察报告
  • 数据方法论
  • 探索企业

订阅

  • 免费试用
  • 价格方案
  • FAQ
  • 隐私政策

关注我们

微信公众号小红书淘宝店铺

© 2026 Watch Jobs. 保留所有权利

Created by jianglicat - 讲礼猫
Watch Jobs
浏览职位招聘观察购买与订阅
Sigma-Aldrich logo
默克生命科学
Vulnerability and Patch Management Specialist
立即应聘

Vulnerability and Patch Management Specialist

发布于 5 个月前

基层主管/组长

Mollet del Valles, Barcelona, Spain
高级经验
全职员工
仅现场办公
学历未注明
系统与安全工程
Automation
Security Operations
PowerShell
VMware

AI 估算 · 45k–65k

该职位要求高级安全运维与自动化技能,涉及全球业务,技术门槛高,在跨国企业中有较强竞争力,薪资水平可观。

职位详情

关于这个职位

作为漏洞与补丁管理专家,您将加入安全运营团队,负责全球补丁与漏洞管理流程

主要工作包括管理端到端的补丁部署流程,进行漏洞评估、优先级排序与风险缓解,并确保企业基础设施、端点、服务器及应用的稳定与安全
您将运用自动化工具与DevOps实践提升效率,并可能承担团队指导职责

最低要求

年以上Windows和VMware环境工作经验

精通编码和脚本,特别是PowerShell、Python或Ruby
具备API接口的系统间数据集成经验
深入了解服务器管理、补丁管理和操作系统特定调试工具
熟悉服务器技术,如Active Directory Services、WSUS和DNS
优秀的沟通和人际交往能力,以客户为中心
具备团队协作能力

工作职责

管理端到端的补丁管理流程,进行漏洞评估并确定补丁优先级,以降低企业基础设施、端点、服务器硬件、操作系统和应用程序的风险

与跨职能团队密切合作,确保无缝运营,并在全球范围内管理全球补丁和漏洞管理流程
利用深入的故障排除技能和技术文档经验,创建和维护重要资源,如工作说明和知识库文章
确保补丁在部署前经过兼容性和稳定性测试
准备关于补丁合规性、系统性能和漏洞修复的详细报告,向高级管理层提供补丁管理进展的见解和更新
作为潜在的团队负责人,有效指导和支持同事
采用DevOps实践,利用自动化工具简化部署和监控活动,提高补丁管理流程的效率
运用对AI技术的熟悉度,帮助识别漏洞和优化补丁管理工作流程

优先资格

拥有Microsoft Windows Server、VMware和Linux相关认证者优先

有DevOps实践和工具经验,以提升补丁管理自动化和效率者优先
了解AI技术,有助于漏洞识别和工作流优化者优先

AI 洞察

优缺点分析

优点

  • Work in a leading global company in healthcare and life sciences, offering exposure to complex, large-scale security challenges.
  • Develop highly valuable skills in vulnerability management, automation, and DevOps, which are in high demand across industries.
  • Opportunity to influence global security posture and potentially lead a team, enhancing both technical and leadership credentials.
  • Engage with cutting-edge technologies like AI for security optimization, staying at the forefront of the field.
  • High responsibility for system stability and security
  • patch failures or missed vulnerabilities could have significant operational or security impacts.
  • Need to balance rapid vulnerability remediation with thorough testing, often under time pressure in a global, 24/7 environment.
  • Requires continuous learning to keep up with evolving threats, new technologies, and complex IT environments.
  • This role is ideal for experienced security professionals who enjoy technical depth, process optimization, and collaborative problem-solving in a mission-critical, global setting.

缺点 / 挑战

暂无明显挑战项

角色解读

  • Technical Path: Advance to Senior Security Engineer, Security Architect, or specialize in areas like Cloud Security or Threat Intelligence.
  • Management Path: Progress to Security Operations Manager, overseeing larger teams and strategic security initiatives.
  • Industry Impact: Gain expertise in healthcare/life science security compliance, becoming a subject matter expert in regulated environments.
  • Manage the end-to-end patch lifecycle, from vulnerability scanning and risk assessment to patch testing, deployment, and compliance reporting across global infrastructure.
  • Collaborate with IT and security teams to prioritize and remediate vulnerabilities, ensuring system stability and security while minimizing operational disruption.
  • Develop and maintain automation scripts and workflows using tools like PowerShell/Python to streamline patch deployment and monitoring processes.
  • Create technical documentation, analyze system performance, and report on patch management progress to senior leadership.
  • Deep technical expertise in patch management tools (e.g., WSUS), vulnerability scanners, and server administration across Windows, VMware, and Linux environments.
  • Strong scripting and automation skills in PowerShell or Python to integrate systems via APIs and enhance operational efficiency.
  • Knowledge of DevOps practices and AI technologies to optimize vulnerability identification and patch management workflows.
  • Excellent communication and collaboration skills to work with cross-functional teams and present findings to stakeholders.

申请策略

  • Research Merck's business in Healthcare, Life Science, and Electronics to understand the specific security and compliance context.
  • Prepare to discuss how you've handled patch management in complex, global environments during interviews.
  • Quantify your experience: Highlight years managing patch/vulnerability programs, systems patched, or risk reduction metrics.
  • Detail technical projects: Showcase automation scripts you've written, API integrations implemented, or DevOps practices you've applied to security.
  • Emphasize cross-functional work: Describe instances where you collaborated with IT, development, or other teams to resolve security issues.
  • Include relevant certifications (if any) and specific tools you're proficient with (e.g., WSUS, vulnerability scanners).
  • Brush up on advanced PowerShell/Python scripting for automation and API interactions, as this is a key requirement.
  • Familiarize yourself with AI applications in cybersecurity, particularly for vulnerability prioritization or anomaly detection.

面试指南

  • Use the STAR method (Situation, Task, Action, Result) to structure your answers, focusing on specific examples from your experience.
  • Emphasize your balance between security urgency and operational stability, showcasing risk-based decision-making.
  • Highlight collaboration and communication, especially when describing interactions with other teams or leadership.
  • Walk us through your process for prioritizing vulnerabilities and deploying patches in a large enterprise environment.
  • Describe a time you automated a patch management or vulnerability assessment task. What tools and scripts did you use?
  • How do you ensure patch compatibility and stability before deployment, especially for critical systems?
  • Tell us about a challenging patch deployment you managed. What went wrong, and how did you resolve it?
  • How would you explain a critical vulnerability and its remediation plan to a non-technical stakeholder?

职位点评

Watch Jobs
Watch Jobs

聚合公开职位信息,帮助你看清岗位细节与市场趋势。

探索

  • 浏览职位
  • 探索企业
  • 数据统计
  • 洞察报告
  • 招聘观察

产品

  • 免费试用
  • 价格方案
  • 数据方法论

支持

  • 常见问题
  • 隐私政策

© 2026 WatchJobs. 保留所有权利。

隐私政策

默克生命科学 的其他在招职位

  • 技术支持专家-internal posting only

    默克生命科学 · 上海市
    AI 估算 · 12k-18k
  • 资深分析师 II-Semi-上海

    默克生命科学 · 上海市
    AI 估算 · 15k-25k
  • Equipment Engineer

    默克生命科学 · Kaohsiung, Kaohsiung, Taiwan
    AI 估算 · 50k-75k
  • 医药代表-心血管与代谢-昆山

    默克生命科学 · 苏州市
    AI 估算 · 6k-10k
  • Field Service Engineer 1

    默克生命科学 · Hsinchu, Hsinchu County, Taiwan
    AI 估算 · 8k-12k

相似职位推荐

  • 性能优化工程师(系统方向)

    vivo · 杭州市
    AI 估算 · 20k-35k
  • Principal Field Application Engineer - Automotive AMCU

    恩智浦半导体 · 上海市
    AI 估算 · 30k-50k
  • Cybersecurity Analyst

    联想 · 香港特别行政区
    AI 估算 · 25k-45k
  • 性能优化工程师(上层调度方向)

    vivo · 南京市
    AI 估算 · 25k-45k
  • 车计算信息安全工程师

    联想 · 上海市
    AI 估算 · 20k-35k

默克生命科学 的其他在招职位

  • 技术支持专家-internal posting only

    默克生命科学 · 上海市
    AI 估算 · 12k-18k
  • 资深分析师 II-Semi-上海

    默克生命科学 · 上海市
    AI 估算 · 15k-25k
  • Equipment Engineer

    默克生命科学 · Kaohsiung, Kaohsiung, Taiwan
    AI 估算 · 50k-75k
  • 医药代表-心血管与代谢-昆山

    默克生命科学 · 苏州市
    AI 估算 · 6k-10k
  • Field Service Engineer 1

    默克生命科学 · Hsinchu, Hsinchu County, Taiwan
    AI 估算 · 8k-12k

相似职位推荐

  • 性能优化工程师(系统方向)

    vivo · 杭州市
    AI 估算 · 20k-35k
  • Principal Field Application Engineer - Automotive AMCU

    恩智浦半导体 · 上海市
    AI 估算 · 30k-50k
  • Cybersecurity Analyst

    联想 · 香港特别行政区
    AI 估算 · 25k-45k
  • 性能优化工程师(上层调度方向)

    vivo · 南京市
    AI 估算 · 25k-45k
  • 车计算信息安全工程师

    联想 · 上海市
    AI 估算 · 20k-35k