Job Description :
The IT Systems Engineer – Vulnerability Management is responsible for the assessment and remediation of vulnerabilities identified by the Bank’s vulnerability program for both external and internal landscapes. This includes conducting research about the vulnerability and understanding the impact of applying the remediations in both test and production environments. In addition, the role will serve as the liaison to other groups in IT for remediation efforts.

Primary Success Factors
The IT Systems Engineer – Vulnerability Management will demonstrate proficiency in:

Providing technical analysis of vulnerabilities identified by the vulnerability program to determine their impact to the Bank and driving the formulation of the vulnerability management remediation plans for each – includes both internal and external landscapes.
Leading remediation efforts as the liaison to the other groups in IT to establish communication plans and to develop the high-level framework for the testing and validation process used in the remediation efforts.
Developing effective strategies for vulnerability remediation and leveraging technology to automate the process using automations tools suitable for blade technology in a virtualization architecture, where possible.
Establishing a process for reporting the progress of remediating vulnerabilities and reporting vulnerability trends.
Maintaining ongoing awareness of shifts in threat landscape and attacker methodologies; recommending appropriate strategic and operational changes to the security program to address new threats.
During remediation, being responsible for monitoring system performance, analyzing and troubleshooting system problems, and making recommendations related to load balancing, fault tolerance and high availability of all system components.
Demonstrating solid knowledge in management and administration of applications, such as Microsoft Active Directory, Middleware Application Web Servers, Virtualization Technologies and Citrix, as well as business applications.
Performing the administration and configuration of server hardware templates (physical, virtual, cloud-based Operating infrastructure software baselines as a result of remediation efforts, utilizing knowledge of operating systems, such as Linux, Windows, ESXi, and network protocols, such as TCP/IP, HTTP, HTTPS, SFTP, DNS and DHCP.
Ensuring compliance with policies, procedures and regulations to ensure safe and sound business operations; developing and implementing software and configurations to apply appropriate system security mechanisms.

Required Experience
Bachelor of Science degree in Information Systems or equivalent work experience
Five years of experience in technical support role, including three years of that experience as a system administrator for the Unix/Linux, Windows and/or virtual server platforms
Demonstrated networks, operating systems, system monitoring, security and technology infrastructure experience; specializing in one or more technical areas where a thorough and detailed understanding of the environment is required, and certification in areas of specialization is preferred
Demonstrated analytical skills with creative innovative approaches to problem-solving
Strong communication and presentation skills, ability to function as a member of a team and ability to manage multiple projects and tasks concurrently
Strong working knowledge of application development, computer operations and related concepts
Knowledge of sound, industry-accepted server software support practices and methodologies
Experience with vulnerability analysis, patch assessment and vulnerability scoring tools (e.g., Altiris and Qualys)
Knowledge of vulnerability scoring systems (CVSS Scores)
Strong awareness of threat protection toolsets, such as CrowdStrike, SteathBits, LogRhythm and Palo Alto