Senior Engineer
Invesco · Atlanta, GA · 2 wk ago
EngineeringFull-time
About the role
Responsible for execution of Invesco’s enterprise vulnerability and security patch management capability across hybrid and cloud-native infrastructure. This role focuses on reducing material risk at scale through automation-first engineering, high-fidelity data, and AI-assisted prioritization, enabling faster, smarter remediation decisions across complex environments.
Responsibilities
- Oversee the execution of vulnerability lifecycle automation (on-prem and cloud)
- Audit and enrich vulnerability and asset data to improve prioritization and ownership
- Develop meaningful metrics
- Adopt and advance AI-assisted risk scoring, forecasting, and remediation decision support
- Work closely with infrastructure, cloud and platform engineering teams along with global security teams
- Subject matter expert on Security patch deployment methodologies and tools based on best industry practice
- Manage risk assessment, deployment activities, scheduling and prioritization
- Use AI tools to classify, enrich and prioritize security data, detect anomalies and trends
- Report back on progress of compliance; contribute to creating metric reports that track team success
- Drive accountability to ensure Invesco risk profile is maintained to zero breach in compliance
- Ensure tools used in the role to maintain accurate and effective risk profile
- Identify opportunities to improve process and tools that would gain either capacity in the team or reduce time taken to close out vulnerabilities
- Provide technical assistance and lead response to audit reports, including creation of professional documents that would be shared at a senior executive level
- Act as a mentor and guide to other Team members
- Deputize in the absence of line Manager whilst acting as a technical lead on cross-team initiatives
- Drive a culture of continuous improvement, experimentation and lead projects/initiatives where required
Requirements
- Technical mindset with proven experience working in Infrastructure environment in the past 8-10+ years
- Proven experience working in any of the following technology environments; Microsoft Operating Systems, CISCO Networks, UNIX/Redhat
- Worked in Financial services industry for a minimum of 5 years
- Superior written and oral communication skills, working in a global enterprise organization
- Strong skill base (5+ years) using legacy Microsoft End point Management (MECM)
- Demonstrate use, management and interpretation of Security scanning tools such as Wiz and Qualys
- Practical experience of prioritizing remediations plans based on risk score classifications
- Designing and implementing automation pipelines for patch orchestration, validation and reporting and exception handling
- Leverage AI/ML techniques to identify duplicate, inaccurate or noisy vulnerability data, including forecasting emerging exploit-based risks
- API-first mindset Advanced scripting, automation in PowerShell, Python, Microsoft Power Automate
- Knowledge: Familiar with ServiceNow and ITIL Framework Strong PowerBI, Windows Operating systems (Server and Desktop), advanced use of O365 products, in particular Excel and manipulation of extensive data sets
- Proven automation / scripting-based skills to enable enterprise wide deployments or methodologies associated with
- Interpret and provide written recommendations on how vulnerabilities present a threat in a multitude of Technology platforms (stated above), the challenges associated to the environment that enable gauging risk profile
- Proven ability to improve fidelity of vulnerability and asset data (correlating across CMDB, Cloud discovery and scanner output).
- Building and maintaining PowerBI dashboards for analytical purpose that create insight to action
Qualifications
- Industry-recognized cloud platform certifications (foundational and/or associate/advanced), across enterprise cloud environments including but not limited to; Microsoft 365 Certified: Endpoint Administrator Associate/Expert/Security Specialization
- Windows Server Hybrid Administrator Associate
- Azure Administrator/Security/Hybrid/Networking
- Microsoft Certified: Security Operations Analyst Associate
- AWS Foundation/Associate/Professional
- AWS Certified Security Specialist/DevOps/Solutions Architect