Title:  Vulnerability and Patch Governance Analyst

Are you driven to make a real difference in the lives of patients?

Location and Working Environment

• This position is based in Mexico City and will require hybrid work (2 days in office).
• At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.

Purpose and Scope

The Vulnerability Management (ASM) Engineer will play a vital role in assisting with the organization's vulnerability management processes, patching governance, and system remediation initiatives. The ideal candidate will support the identification, tracking, and remediation of vulnerabilities, while also assisting in patch management cycles and helping address systems that are approaching end-of-life (EOL).

Role and Responsibilities

• Vulnerability Management:
• Perform vulnerability scanning using tools such as Qualys, Tenable.io, Rapid7 Nexpose, or OpenVAS to identify system vulnerabilities and security risks.
• Support in triaging and prioritizing vulnerabilities based on risk and impact to the organization.
• Document vulnerabilities and work with other teams to coordinate remediation efforts.
• Patching Governance:
• Assist in patch deployment efforts across the organization's systems and applications.
• Monitor patching status and ensure patch compliance across all platforms.
• Help track and document the progress of patch cycles and ensure patches are applied timely.
• EOL System Remediation:
• Assist in identifying legacy systems and applications approaching end-of-life (EOL) status.

Continue: Role and Responsibilities

• Collaborate with teams to recommend solutions, including patching or system replacements.
• Support efforts to implement compensating controls for unsupported systems.
• Reporting & Documentation:
• Assist in creating regular status reports for vulnerability management and patching activities.
• Contribute to the creation of internal documentation for processes and procedures.
• Provide input for reports to leadership regarding the status of vulnerability management, patching compliance, and EOL remediation.
• Collaboration:
• Work with IT teams, security teams, and other stakeholders to ensure vulnerabilities are addressed in a timely manner.
• Participate in regular meetings to discuss vulnerability trends, patching schedules, and system remediation plans.

Experience

• 2-3 years of experience in IT security, vulnerability management, or related fields.
• Familiarity with vulnerability scanning tools like Qualys, Tenable.io, or Rapid7 Nexpose.
• Exposure to patch management tools such as SCCM, WSUS, or Ivanti is a plus.

Required Qualifications:

• • Technical Skills:
  • Basic understanding of vulnerability management, patching processes, and remediation techniques.
  • Familiarity with security frameworks such as CIS, NIST, or ISO 27001.
  • Certifications (Preferred):
  • CompTIA Security+ or other relevant certifications.
  • Soft Skills:
  • Strong attention to detail and the ability to follow processes.
  • Good communication skills for working within a team and interacting with stakeholders.
  • Ability to learn quickly and stay updated with emerging vulnerabilities and security trends.

What awaits you at Astellas?

Our Organizational Values and Behaviors