Infrastructure Engineer , Officer

at  State Street

We are looking for a Infrastructure Engineer, who has 3-4 + years of experience on Infrastructure with below job responsibilities

• Develop and implement patch management procedures, and standards to ensure the security and integrity of applications (Billing, Corp Finance, Reg Reporting) Infrastructure .
• Define and maintain patch management metrics, KPIs, and reporting mechanisms to measure the effectiveness of patching activities and compliance with policies.
• Coordinate with stakeholders to prioritize patches based on risk assessment, business impact, and compliance requirements. Need to implement the patches on Applications based on the requirements
• Establish change management processes and controls to manage the deployment of patches across different environments, including development, testing, and production.
• Conduct regular assessments and audits of patch management practices to identify areas for improvement and ensure adherence to policies and standards.
• Collaborate with Vendor, security teams to incorporate threat intelligence, vulnerability assessments, and risk analysis into patch prioritization and deployment strategies.
• Coordinate with internal teams, including IT security, network operations, software development, and system administrators, to gather vulnerability data from various sources, including scanning tools, penetration tests, and security advisories.
• Analyse vulnerability data to determine severity, impact, and potential risk to the organization’s assets and systems.
• Serve as a subject matter expert on vulnerability reporting processes, tools, and best practices, providing guidance and support to internal teams as needed.
• Communicate effectively with external vendors and partners regarding vulnerabilities affecting third-party software or services used by the organization.
• Continuously evaluate and improve the vulnerability reporting process to enhance efficiency, accuracy, and effectiveness.
• Bachelor’s degree in computer science, information technology, or related field.
• 3+ years of Production Support of Several Different Business Applications
• 2+ years of experience in application security, with a focus on Vulnerability Patch Management
• In-depth knowledge of patch management principles, processes, and best practices.
• Hands on Experience on Oracle 12c, 11g Fusion Middleware Weblogic server, Oracle SSO, Oracle OID , Oracle OAM , Oracle OHS patching & upgrade.
• Strong understanding of web application architecture, development frameworks, and common security vulnerabilities, Oracle Applications (OAM, OUD, SSO, WEBLOGIC), Cloud Technologies (AWS, Azure,Oracle)
• Hands on Experience on oracle single sign on and integrating with the business applications.
• Ability to work independently and collaboratively in a fast-paced environment with multiple stakeholders and competing priorities.
• Excellent analytical and problem-solving skills with the ability to prioritize and manage multiple tasks in a dynamic environment.
• Effective communication skills with the ability to collaborate across teams and convey technical information to non-technical stakeholders

State Street’s Speak Up Lin

• Develop and implement patch management procedures, and standards to ensure the security and integrity of applications (Billing, Corp Finance, Reg Reporting) Infrastructure .
• Define and maintain patch management metrics, KPIs, and reporting mechanisms to measure the effectiveness of patching activities and compliance with policies.
• Coordinate with stakeholders to prioritize patches based on risk assessment, business impact, and compliance requirements. Need to implement the patches on Applications based on the requirements
• Establish change management processes and controls to manage the deployment of patches across different environments, including development, testing, and production.
• Conduct regular assessments and audits of patch management practices to identify areas for improvement and ensure adherence to policies and standards.
• Collaborate with Vendor, security teams to incorporate threat intelligence, vulnerability assessments, and risk analysis into patch prioritization and deployment strategies.
• Coordinate with internal teams, including IT security, network operations, software development, and system administrators, to gather vulnerability data from various sources, including scanning tools, penetration tests, and security advisories.
• Analyse vulnerability data to determine severity, impact, and potential risk to the organization’s assets and systems.
• Serve as a subject matter expert on vulnerability reporting processes, tools, and best practices, providing guidance and support to internal teams as needed.
• Communicate effectively with external vendors and partners regarding vulnerabilities affecting third-party software or services used by the organization.
• Continuously evaluate and improve the vulnerability reporting process to enhance efficiency, accuracy, and effectiveness.
• Bachelor’s degree in computer science, information technology, or related field.
• 3+ years of Production Support of Several Different Business Applications
• 2+ years of experience in application security, with a focus on Vulnerability Patch Management
• In-depth knowledge of patch management principles, processes, and best practices.
• Hands on Experience on Oracle 12c, 11g Fusion Middleware Weblogic server, Oracle SSO, Oracle OID , Oracle OAM , Oracle OHS patching & upgrade.
• Strong understanding of web application architecture, development frameworks, and common security vulnerabilities, Oracle Applications (OAM, OUD, SSO, WEBLOGIC), Cloud Technologies (AWS, Azure,Oracle)
• Hands on Experience on oracle single sign on and integrating with the business applications.
• Ability to work independently and collaboratively in a fast-paced environment with multiple stakeholders and competing priorities.
• Excellent analytical and problem-solving skills with the ability to prioritize and manage multiple tasks in a dynamic environment.
• Effective communication skills with the ability to collaborate across teams and convey technical information to non-technical stakeholder