- New York, NY, USA
- Permanent, Full time
Senior Systems Engineer
Location: New York, NY, USAThis role is responsible the day to day logistics, IT Service management and operations of the various components and Infrastructure Operations Management of the environment with a primary focus on Patch and vulnerability management, OS/application hardening and patch management process execution across various Infrastructure technologies.
The Senior Engineer- Will be involved in all the steps of Patch & Vulnerability Management. Document procedures, assist with what/where/when to patch, set up scans and assist in coordinating patching efforts. Engages in awareness, coordinating and communicating patch-management process to stakeholders with detailed reporting.
Needs to have basic understanding of other Infrastructure components like Storage, Backup, Virtualization, Core Infra Applications like AD etc. The candidate must be highly motivated and have a proven track record of innovation, vendor oversight and governance, execution, delivery, customer focus, and be highly skilled in IT operations and vulnerability management.
- This individual will be responsible for the installation, configuration, testing and technical support in the day-to-day operations of IT infrastructure systems with regard to patch management process. Governing the adherence to IT Security Policies regarding patch management throughout the enterprise.
- Actively engages in work streams related but not limited to Infrastructure security testing, infrastructure vulnerability scanning, reviewing and prioritizing results, and remediation and/or coordinating the remediation of assessment results
- Run and manage Zero day and other exploit patch management bridges with relevant teams from vendors, InfoRisk and other space and provide consolidated updates and reports to management
- Management of OS patching; Strong knowledge of packaging concepts, collection maintenance, reporting services, applying best practices and delivering enterprise patch management as well as application delivery.
- Perform compliance scanning to analyze configurations and compare to established baselines, recommending remedial actions where necessary.
- Engage with stakeholders, to include IT professionals, management, to facilitate vulnerability discovery, remediation and tracking.
- Communicate security and compliance issues in an effective and appropriate manner.
- Validate remedial actions and ensure compliance with security policy and remediation targets.
- Perform vulnerability management system administration functions, as required.
- Perform risk assessments and make remediation recommendations to tech owners.
- Periodically review vulnerability exception requests to ensure compliance to the exception process.
- Maintain vulnerability tracker to record Identification, publication, remediation and closure of vulnerabilities.
- Planning software pushes using approved enterprise patch management software
- Reporting and fix failed patches weekly/monthly. Provide status of software pushes
- Developing checklists, guides, best practices and procedures to support patch management process.
- Stay informed regarding advances in patch management technologies Knowledge of SCCM and Redhat Satellite architecture, configuration and administration
- Partners with application development and infrastructure teams to align leading edge and leveraging strategies.
- Work with Security team to ensure system configurations are in compliance with security policies and controls standards.
- Create technology efficiency and new capabilities through the use of automation
- Lead the IaaS (Infrastructure as a Service) vendor operational governance and oversight by leveraging industry best practices to deliver best in quality service.
- Lead the coordination with the vendor partners and Help Desk to establish best practices and improve performance of incident and request handling (queue management, SLO/A review, trend analysis, escalation management etc).
- Ensuring High Availability of Infra Services with Minimal Service Disruption through proactive Incident and Problem Management.
- Acting as a subject matter expert on Moody's business processes and systems and interface between all Infrastructure users, Infra and production support and Development teams.
- Implement automation to achieve year on year efficiency by faster fulfilment of requests and improved service restoration during incidents.
- Providing up-to-date statuses to all stakeholders including senior management on zero day and other vulnerability patch management exercise across all Infrastructures components and layers.
- Collaborate with other cross functional teams to ensure ongoing and effective communication with the business and build on relationship management with business groups
- Reviewing Root Cause Analysis documents and sharing them with the IaaS engineering and InfoRisk teams.
- BS degree in Information Systems, Computer Science, Computer Engineering or equivalent.
- BS/BA, (Education may be substituted for increased years in experience on a year-for-year basis).
- Minimum 7+ years of experience working with enterprise Linux environments scaling beyond 2000+ systems.
- Minimum of 3 recent years direct Patch & Vulnerability Management.
- Good working understanding and working knowledge of Tenable Security Center, Rapid7, Qualys, or other related tools. Ability to think with a security mindset. The successful candidate has an IT background with good level knowledge of multiple relevant security practice areas.
- Experience in patch and vulnerability Management, procedures and processes.
- Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.
- Experience in large, geographically diverse enterprise networks.
- Develop procedures and process documentations.
- Extensive knowledge with enterprise Server Operating Systems such as RHEL 6/7, CentOS, and Ubuntu.
- Extensive knowledge of enterprise deployment strategies for server OS.
- Experience and understanding of OS lifecycle management and secure system configurations.
- Experience with patch management tools.
- Experience with AWS Cloud and Azure offerings.
- Experience working with both standalone and blade server technologies.
- Extensive knowledge of virtualization technologies.
- Experience with performance tuning and troubleshooting server OS issues (CPU, Memory and I/O).
- Experience with configuration management tools such as Puppet.
- Ability to automate common and repeatable tasks/processes.
- Experience interacting with APIs to automate processes.
- Working knowledge of Enterprise NAS/SAN technologies.
- Working knowledge of Enterprise clustering technologies.
- Require strong automation and scripting Shell is required.
- Knowledge of Shell scripting (any one of bash, csh, ksh, WMI, PowerShell) or a high-level programming language (Perl, C++, VB/Java scripting) is a big plus.
- Strong understanding of project management methodologies and processes (Lean, Agile).
- Strong knowledge of Incident, Problem and Change Management processes
- Ability to create "Run Books", defining day-to-day support, maintenance, troubleshooting of the infrastructure.
- Excellent analytical skills and the ability to apply them towards the investigation of existing installations
- ITIL v3 Foundation certification or good working knowledge of ITIL best practices is required
- Graduate degree in Computer Science or related field, or MBA a plus.
- Industry Certification in relevant area is a plus.
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody's also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email email@example.com.. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.