State Street
State Street provides investment servicing, investment management, investment research and trading services to institutional investors worldwide.
We are looking for an Infrastructure Engineer, who has 3-4+ years of experience on Infrastructure with the following job responsibilities:
* Develop and implement patch management procedures, and standards to ensure the security and integrity of applications (Billing, Corp Finance, Reg Reporting) Infrastructure.
* Define and maintain patch management metrics, KPIs, and reporting mechanisms to measure the effectiveness of patching activities and compliance with policies.
* Coordinate with stakeholders to prioritize patches based on risk assessment, business impact, and compliance requirements. Implement the patches on Applications based on the requirements.
* Establish change management processes and controls to manage the deployment of patches across different environments, including development, testing, and production.
* Conduct regular assessments and audits of patch management practices to identify areas for improvement and ensure adherence to policies and standards.
* Collaborate with vendors and security teams to incorporate threat intelligence, vulnerability assessments, and risk analysis into patch prioritization and deployment strategies.
* Coordinate with internal teams, including IT security, network operations, software development, and system administrators, to gather vulnerability data from various sources, including scanning tools, penetration tests, and security advisories.
* Analyze vulnerability data to determine severity, impact, and potential risk to the organization's assets and systems.
* Serve as a subject matter expert on vulnerability reporting processes, tools, and best practices, providing guidance and support to internal teams as needed.
* Communicate effectively with external vendors and partners regarding vulnerabilities affecting third-party software or services used by the organization.
* Continuously evaluate and improve the vulnerability reporting process to enhance efficiency, accuracy, and effectiveness.
Minimum Qualifications:
* Bachelor's degree in computer science, information technology, or related field.
* 3+ years of Production Support of Several Different Business Applications.
* 2+ years of experience in application security, with a focus on Vulnerability Patch Management.
* In-depth knowledge of patch management principles, processes, and best practices.
* Hands-on experience with Oracle 12c, 11g Fusion Middleware Weblogic server, Oracle SSO, Oracle OID, Oracle OAM, Oracle OHS patching & upgrade.
* Strong understanding of web application architecture, development frameworks, and common security vulnerabilities, Oracle Applications (OAM, OUD, SSO, WEBLOGIC), Cloud Technologies (AWS, Azure, Oracle).
* Hands-on experience with Oracle single sign-on and integrating with the business applications.
* Ability to work independently and collaboratively in a fast-paced environment with multiple stakeholders and competing priorities.
* Excellent analytical and problem-solving skills with the ability to prioritize and manage multiple tasks in a dynamic environment.
* Effective communication skills with the ability to collaborate across teams and convey technical information to non-technical stakeholders.
#J-18808-Ljbffr