S&P Global Director, Infrastructure Vulnerability Remediation in Virtual, New York
The Compute and Cloud Operations team is responsible to develop infrastructure architecture and standards for deployments in SPGlobal data centers as well as public Cloud in collaboration with the SPGlobal business and service providers to ensure the delivery of services is predictable and of high quality at the right cost. In addition, the team is responsible to eliminate vulnerabilities in the environment from infrastructure as well as leading the planning and execution of remediation of vulnerabilities in business applications. The team is also responsible to ensure public cloud operations delivers on a predictable, scalable, secure and easy to use environment.
The Director of Vulnerability Remediation is a critical role responsible for the remediation of vulnerabilities in infrastructure and business applications in SPGlobal on-premises, private cloud and public cloud environments.
What s in it for you:
This role presents a unique opportunity to drive infrastructure vulnerability remediation for the entire company across all divisions. This role offers the right candidate a ground floor opportunity to build new systems and deliver new technology to modernize the company s environment as part of the vulnerability remediation objective. It also provides the opportunity to work with application development groups to secure business applications and play a very influential role on private - public cloud application deployment.
The measurable reduction - elimination of infrastructure vulnerabilities in the environment
The development of a strategy and actionable plan for vulnerability remediation
Serves as a senior most technical member of the Technology organization, providing authoritative guidance and setting direction in architectural and development activities as it pertains to vulnerability remediation
Understands Development technologies as well as full stack infrastructure.
Works with both onsite and remote teams to ensure that high-quality solutions are delivered in a timely fashion
Collaborates with the existing Information Security Organization on strategies to remediate vulnerabilities
Recommends remediation strategies, including security controls, patching and - or corrective actions for mitigating technical and business risk
- Deliver roadmaps for the Attack Surface Reduction function in infrastructure
What We re Looking For:*
A Bachelor s Degree in Computer Science, Engineering, Mathematics, related field or equivalent experience
10 years of practical, hands-on experience
Experience remediating security vulnerabilities
Experience delivering solutions in a complex, globally distributed infrastructure
Expertise with both Linux and Windows technologies and their use in delivering secure, highly available, mission critical enterprise-class solutions
Hands-on expert knowledge of Windows, UNIX and Linux
Scanning tools (e.g. Qualys WAS, Nexpose, etc.)
Hands on knowledge with patching solutions including SCCM, WSUS, WebLogic
Programming and Scripting Languages, e.g. Java, Python, PowerShell, etc.
Deep technical understanding of full stack infrastructure and engineering best practices
Deep understanding of application development technologies
Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
Ability to work hands-on with technology solutions
Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and root causes
Strong foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and the associated impact on the organization
An ability to effectively influence others to modify their opinions, plans, or behaviors
Stays up-to-date with IT Operations trends and new best practices Must be effective in working both independently and in a team setting
Excellent technical knowledge of current systems software, protocols, and standards.
Ability to create constructive relationships, influence, and communicate (to project team, IT management, and non-technical staff).
Ability to lead complex, cross-functional problem-solving initiatives.
Exceptional analytical, conceptual, and problem-solving abilities.
Excellent interpersonal and consultative skills.
Proven ability to prioritize and execute tasks in a high-pressure environment.
Promoting a team-oriented, collaborative environment
Hands on working knowledge of automation applications such as Ansible
Experience delivering solutions in a hybrid cloud environment that spans public clouds and on-premises data centers to virtualize infrastructure and move workloads between environments to meet business objectives
Experience in the financial markets a strong benefit
Background in varied technologies such as telecommunications, client server architectures, electronic commerce infrastructures, enterprise and workgroup server platforms, Web applications, portals, etc.
Advanced degree strongly desired
To all recruitment agencies:
S&P Global does not accept unsolicited agency resumes. Please do not forward such resumes to any S&P Global employee, office location or website. S&P Global will not be responsible for any fees related to such resumes.
S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race - ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to:
EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.
The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.