IT Patching Engineer
Posted Today by Harvey Nash
Negotiable
Undetermined
Hybrid
Manchester Area, United Kingdom
Summary: The IT Patching Engineer role focuses on addressing a significant backlog of security patches for approximately 2,000 laptops and 500 servers within a predominantly Microsoft environment. The position requires hands-on patching and update management, along with process review and compliance reporting. The engineer will collaborate with IT and security teams to ensure alignment with business needs and recommend improvements in patching workflows. This is a hybrid role with mandatory onsite presence in Manchester 1–2 days per month.
Key Responsibilities:
- Resolve the current backlog of patches across ~2,000 endpoints and ~500 servers
- Perform patch deployment on Windows servers and clients using MECM (SCCM) and WSUS
- Manually patch a limited number of Linux systems
- Patch third-party applications (e.g., Chrome, Java, Adobe)
- Generate and maintain patch compliance reports to track progress and highlight risks
- Collaborate with IT and security teams to align patching activities with business needs
- Suggest improvements in patching workflows, automation, and scheduling
- Ensure all changes comply with established change management processes
Key Skills:
- Extensive hands-on experience in IT patch management
- Strong command of Microsoft Endpoint Configuration Manager (MECM/SCCM) and WSUS
- Comfortable patching third-party software
- Experience with manual Linux patching
- Understanding of IT security best practices and vulnerability management
- Familiarity with Microsoft Defender Portal
- Able to work independently, manage time effectively, and meet deadlines
- Excellent communication and stakeholder engagement skills
- Proven ability to create and interpret patching compliance and risk reports
Salary (Rate): undetermined
City: Manchester
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
IT Patching Engineer
Location: Hybrid – Primarily remote, with mandatory onsite presence in Manchester 1–2 days per month
Contract Duration: 6 months
Start Date: ASAP
Role Summary
We are looking for an experienced IT Patching Engineer to help reduce a significant backlog of security patches across approximately 2,000 laptops and 500 servers . This hands-on role is focused on patching and update management within a predominantly Microsoft environment, with a smaller Linux footprint. In addition to executing patching activities, you'll be responsible for reviewing processes, generating compliance reports, and recommending improvements.
Key Responsibilities
- Resolve the current backlog of patches across ~2,000 endpoints and ~500 servers
- Perform patch deployment on Windows servers and clients using MECM (SCCM) and WSUS
- Manually patch a limited number of Linux systems
- Patch third-party applications (e.g., Chrome, Java, Adobe)
- Generate and maintain patch compliance reports to track progress and highlight risks
- Collaborate with IT and security teams to align patching activities with business needs
- Suggest improvements in patching workflows, automation, and scheduling
- Ensure all changes comply with established change management processes
Essential Skills & Experience
- Extensive hands-on experience in IT patch management
- Strong command of Microsoft Endpoint Configuration Manager (MECM/SCCM) and WSUS
- Comfortable patching third-party software
- Experience with manual Linux patching
- Understanding of IT security best practices and vulnerability management
- Familiarity with Microsoft Defender Portal
- Able to work independently, manage time effectively, and meet deadlines
- Excellent communication and stakeholder engagement skills
- Proven ability to create and interpret patching compliance and risk reports
Desirable Skills
- Experience with automation tools for patch deployment
- Background working in regulated or high-security environments
- Understanding of ITIL , particularly around change control
- Exposure to tools such as Rapid7 InsightIDR (SIEM)