Share this Job

Title:  Enterprise Service Management

Requisition ID:  17210-159

Atlanta, GA, US, 30328

Category:  Information Technology
Travel:  No Travel Required


Enterprise Vulnerability and Patch Management Lead (server, cloud, workstations) to ensure all the activities are performed promptly and timely to protect Graphic Packing International Network Enterprise assets from cyber-attacks and vulnerabilities reported multiples a day.


Primary duties include evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation. Utilize Qualys vulnerability management scanning infrastructure and the GPI cyber toolset. Discover & automate methods towards vulnerability management tasks. The ability to automate detection, reporting, and tracking of vulnerabilities identified.


The Enterprise Vulnerability and Patch Management lead will be responsible with assisting the development and deploying a new Vulnerability Management program. Working with existing engineering and security teams, their role will take ownership of all vulnerability management process and documentation. This will include revising existing models and developing new innovative methodologies of managing vulnerabilities and reporting. A strong skill and desire for automation is required.


The lead must be competent to work at a technical level, be capable of identifying process, security, and technical gaps could cause security events and be able to follow defined procedures for mitigating threats. This role works closely with other security teams and across globally.



JOB FUNCTIONS: Job functions include but are not limited to the following.

  • Work with Managed Service Providers to ensure Active Directory GPO accuracy and general AD clean-up as necessary.
  • Analysis and audit reporting of Active Directory to management and various Corporate IT teams
  • Detection and reporting of all vulnerabilities (including misconfigurations) in all production, endpoint systems (including but not limited to network, servers, databases, and workstations).
  • Reporting work includes appropriate triage and prioritization of vulnerabilities (by risk) to permit risk-prioritized patching and remediation.
  • Engage with department leaders, project managers, software development, and lines of business (LOBs) to acquire support and evaluate all changes.
  • Serve as change agent by driving successful process improvement practices, by diagnosing barriers to ESM success, facilitating resolutions as appropriate.
  • Apply industry best practices to maximize efficiencies and achieve adherence to diverse program policy guidelines.
  • Drive a regular cadence with stakeholders to gain a holistic perspective of the current state of VM and Patch Management operations.
  • Assist with the determination and the scope of the program.
  • Document the roles and responsibilities associated to VM and Patch Management operations.
  • Create Request for Information (RFI) document, tracking and monitor activity associated to the Enterprise Security Management team.
  • Provide input, help prepare and update VM | PM roadmap, develop, maintain, and publish project plans and operation schedules.
  • Become familiar with the host of tools that make up the GPI Cyber Stack including but not limited to Qualys and Sentential One.
  • Become familiar with the GPI service management tool: ServiceNow (ServiceGPI) and the CMDB.
  • Become familiar with data and analytics tools such as Qlik/Excel/Tableau
  • Become familiar with an agentless security appliance that dynamically identifies and evaluates network endpoints and applications the instant endpoints connect to the network tool: Forescout
  • Become familiar with IT monitoring and management tool: Solarwinds
  • Create and maintain SOPs for the VM program, provide technical knowledge to operations and production support teams.
  • Analyze assessment results and threat feeds to properly react to security weaknesses or vulnerabilities.
  • Prepare and maintain technical documentation of VM program including requirements, architecture designs, network topology, applications, and application security designs.
  • Make strategic decisions based upon status reports to related to VM metrics, KPI’s, trending, and compliance
  • Create tactical guide the Vulnerability Management (VM) Plan, to coordinate, monitor and support activities in the areas of the VM program, security patch and remediation management.
  • Facilitate and coordinate vulnerability assessment and scanning, reviews of assessment results, patching, and remediation activities related to workstations, servers, storage, databases, appliances, web applications and network devices.
  • Collaborate on Information Security policies, standards, and baselines and contribute efforts to measure compliance.
  • Collaborate on and provide VM results and metrics for consistent reporting for governance purposes; collaborate and coordinate remediation plans and activities.
  • Help develop a long term VM strategy (3-5 years) that will address global information security needs (current state, gaps, and opportunities).
  • Other service management duties as need and assigned by manager.













  • 5 years of hands-on experience with Microsoft Active Directory, data analytics, ITIL, service management, project management, metrics and KPI/KRI design and presentation skills.





  • Bachelor’s Degree in a computer-related field or equivalent experience preferred technical certifications a plus




  • Active Directory – GPO development, auditing of existing GPO’s, testing & deployment
  • Scripting in PowerShell and or similar for AD management
  • Strong ITIL framework methodology
  • Large Enterprise experience with a >25,000 userbase
  • SCCM administration, package development & deployment
  • Proven Team development and management skills
  • Project Management



Required Experience

At Graphic Packaging International (NYSE: GPK), we produce the box you may have poured your child's cereal from this morning, the microwaveable tray that heated your lunch, the paper cup that held your coffee throughout the day, and the carrier of those bottles of craft beer you may enjoy tonight! We're one of the largest manufacturers of paperboard and paper-based packaging for some of the world's most recognized brands of food, beverage, foodservice, household, personal care and pet care products. Headquartered in Atlanta, Georgia, we are a team of collaborative, innovative, passionate individuals who are committed to providing consumer packaging that makes a world of difference.

With almost 18,000 employees working in more than 70 locations in North and South America, Europe and the Pacific Rim, we strive to be an environmentally responsible leader in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry's best to reward the talented people who make our company successful.

If this sounds like something you would like to be a part of, we'd love to hear from you. Learn more about us at

Inspired Packaging. A World of Difference.

Graphic Packaging is an Equal Opportunity Employer. All candidates will be evaluated on the basis of their qualifications for the job in question. We do not base our employment decision on an employee's or applicant's race, color, religion, age, gender or sex (including pregnancy), national origin, ancestry, marital status, sexual orientation, gender identity, genetic identity, genetic information, disability, veteran/military status or any other basis prohibited by local, state, or federal law. Click here to view the Poster, EEO is the Law.

Nearest Major Market: Atlanta

Job Segment: Service Manager, Cloud, Information Security, Testing, Manager, Customer Service, Technology, Management