Overview
This is a hybrid role, with the expectation that time working will regularly take place inside and outside of a company office. This position is responsible for all aspects of Vulnerability Patch Management operations, governance and reporting. This position is aligned and partnered with the Information Security Organization's Vulnerability Management Program. Oversees the assessment, planning and execution of all patching activities across the technology stack, aligning and driving consistency in Standards, Policy and Process in every line of business. Monitoring, Forecasting and Reporting are critical to the success of this role being able to develop rolling plans to address critical, high, moderate and even low vulnerabilities so risk can be proactively managed and brought to the correct levels of management to address and support timely remediation. This role is a pivotal coordination point with the service and business lines to plan properly and reduce disruption. It is expected that this team operates in harmony with Information Security to review tracking, insure proper oversight and controls and drive the proper metric reporting to deliver transparency to residual risk in the environment. This role will be expected to speak to its program at all levels of the environment and have daily management oversight and reviews on all change management and patching activity.
Responsibilities
- Vulnerability and Patch Management Strategy - Collaborates with Information Security and with key senior stakeholders in the service and business lines to create an overall strategy of prioritization based on criticality of vulnerability and system. Publish of a set schedule across all technology towers and environments that is communicated and interlocked with stakeholders.
- Complete and Accurate - Ensure that the CMDB and inventory is complete and accurate so planning and execution is non disruptive. Establish and maintain process and governance to ensure completeness and accuracy through lifecycle and change management. Reporting of forecasts and metrics are linked to completeness and accuracy to make sure all reporting get consolidated and is represented properly at all levels of management.
- Discipline and Structure - Build and drive a culture of discipline and structure creating run books for operation execution and a clear and consistent communication of status before, during and after execution of change. Required representation in the morning operations call to provide status of all patching activity from prior 24 hours and any downstream impact to reporting and metrics.
- Regulatory and Governance - Responsible for all aspects and performance of the Vulnerability and Patch Management Program. Required to participate in all audits and exams relating to vulnerabilities and patching operations as well as present to Senior Management, Risk Committee's and other Governance bodies and Regulatory interactions.
- Managerial and Leadership Functions - Foster a positive culture through inspiring leadership that creates a sense of ownership and responsibility. Teamwork and Collaboration remain at the forefront of how leadership and the team interact across the organization. Open communications that remove any focus on blame and promote honesty with responsibility to develop a "find issues and fix them so they don't happen again" mindset. Establishes and monitors expectations to achieve company and department goals. Makes appropriate changes to team policies, procedures, and efficiencies in order to meet objectives. Manages the performance, training, and evaluation of assigned staff and service providers. Maximizes department achievements by providing professional development and ensures proper long term and short-term workforce planning. Establishes, manages, and monitors financial processes from an IT perspective to achieve budget goals. Responsible for financial management, invoice audits, the capitalization process, and accurate financial reporting.
Qualifications
Bachelor's Degree and 10 years of experience with Complex leadership and management responsibilities in an Infrastructure and Operations Enterprise environment OR High School Diploma or GED and 14 years of experience with Complex leadership and management responsibilities in an Infrastructure and Operations Enterprise environment Required Skills
- Knowledge of information technology as it relates to managing development, principles, and practices
- Ability to manage and customize third party solutions
- Managing vendor relationships to escalate and ensure support of ongoing business
- Ability to develop short term and long term plans to support business needs
- Ability to assess, acquire and retain tor appropriately manage talent
Preferred Skills
- Knowledge of Cloud Compliance
- Knowledge of SaaS partners and operations
- Knowledge of Application lifecycle and DevOps
- Prioritization skills
- Knowledge of Infrastructure technology and applications
- Risk management and mitigation
- Banking acumen / knowledge
- Forecasting and Metrics
First Citizens benefits programs are designed to meet our associates where they are in life. Full-time associates (20+ hours) are offered a comprehensive benefits program, with customized offerings, including those designed to support families, however defined. More information regarding our benefits offerings can be found here: https://jobs.firstcitizens.com/benefits.
|