Mastercard
Systems Platform Engineer - Patching and Vulnerability Management
This job is now closed
Job Description
- Req#: R-210466
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Systems Platform Engineer - Patching and Vulnerability Management Main purpose of the role:
To be responsible for the patching and vulnerability management of all Wintel (SCCM) services across Corporate IT and Production physical and virtual environments in VocalinkMastercard data centres
Key accountabilities and duties:
• Monitor systems to ensure all patching is completed successfully and track patch management metrics, producing reports on compliance & effectiveness.
• To support all Wintel services to VocalinkMastercard standards.
• To participate in daily checks on key systems and log any issues not already logged by monitoring and alerting.
• To work through live issues, call queue by order of priority and time open.
• To assist in the analysis of root causes of all major patching and vulnerability issues, planning redesigns where appropriate.
• To raise appropriate changes in order to implement resolutions and adhere to internal Change Control and ITIL standards.
• To provide operational technical knowledge at project meetings during Wintel systems project lifecycle if necessary.
• To work in partnership with 3rd party support companies to provide timely resolutions within agreed SLAs.
• To ensure that all Vocalink Wintel services remain PCI DSS compliant.
• To provide proactive monitoring of server estate to include volume and performance stats.
• To ensure all Vocalink Wintel Servers remain patched and compliant to security standards.
• To ensure all Vocalink PVDI's & NPVDI's remain patched and compliant to security standards.
• To ensure all vulnerabilities are remediated and compliant to security standards and remain compliant.
• Evening shift work on a rota basis 09:00 -17:00 15:00 - 23:00
• To carry out any other task associated with the role as reasonably requested.
Knowledge, skills and experience:
Experience of working with Patch Management, Vulnerability Management, Reporting, Agent Procedures, Policy Management and PCI standards.
Up to date experience of IT Systems, Infrastructure & Security.
Strong understanding of Microsoft patching schedules & methods.
Strong experience working with SCCM, Ivanti Patch,
Shift work Required
Essential:
Good understanding of industry best practices across the Corporate and Wintel technology stack.
Evening shift work on a rota basis 09:00 -17:00 and 15:00 - 23:00
Excellent understanding of service offering and the ability to articulate at all levels in the organisation. Comprehensive working knowledge of the following Wintel technologies:
Patch management of Wintel systems (SCCM, S Ivanti Patch, VXRails etc)
Optimization of SCCM Site Servers and Knowledge in Disaster Recovery using SCCM Backups
Maintain the health of the SCCM environment including clients, servers and distribution points
Assist in the creation\updating of SCCM documentation
Vulnerability remediation management of all Wintel Server and endpoints, PVDI, Desktops, Thin clients and Laptops
Trellix ePO Administration and Qualys reports,
Microsoft Operating Systems including Windows 2012-22 Server and Windows 10.
Administration experience of Windows 2012/16/19/22 server including Active Directory, Group Policy, User profiles and folder redirection
Good understanding of virtualisation technology in enterprise environment (VMware, App-V), including using templates, deploying, managing, and troubleshooting virtual servers and/or desktops NPVDI/PVDI.
Good understanding of Ivanti Appsense, Environment Manager and Application Manager
IPv4/6 Networking Technologies – understanding of routing, DHCP, DNS, network security (proxy servers, firewalls)
Strong knowledge and hands on experience with at least 1 of the technologies specified under the Desirable section.
Shift work and ability to work as part of a team.
As a member of the extended Global IT patching and Security team, working closely with peers to provide a cohesive and collaborative end-to-end patching and security function.
Excellent customer focus and ability to build rapport.
Highly motivated, driven by the achievement of agreed objectives. Ability to organise and execute team objectives and plans.
Ability to work unsupervised and manage assigned workload and priorities. Flexibility to take on new products, services, strategies, ways of working etc.
Ability to proactively research alternatives and solutions to problems and take action to resolve.
Providing advice and guidance on the mitigation of risks associated with vulnerabilities and non-compliance with Operational Security Standards liaising with regional/country technology teams as required.
Performing periodic and ad-hoc vulnerability assessments, assessing newly identified vulnerabilities and its impact on the enterprise and communicate to respective stake holders. Ensure parameters are established and monitor process quality and performance metrics.
Responsible for coordinating with Security and Monitoring team configuring and maintaining vulnerability assessment tools, performing scans, researching, and analysing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
Mentor and train junior level SCCM administrators.
Desirable:
Knowledge of and hands-on expertise with one or more of the following will be beneficial:
Disaster recovery
HP blade server hardware (C-class). VXRail
Citrix technologies (Storefront/Xendesktop/XenApp, etc)
Microsoft Exchange
Token Based security products (RSA/Nexus TruID)
Microsoft SQL server
Load Balancing Technologies – hardware and/or software (NLB)
MS Application Virtualisation (App-V)
Security software – antivirus, email encryption, DLP software (Preferably Trellix and Symantec) AppSense Desktop Now Suite (Personnalisation, Environnent and Application Manager)
Qualifications:
Microsoft Certification (SCCM, MCP, MCITP, MCSE, MCSA, MCTS etc)
VMWare Certified Professional
Working towards MCITP
Citrix Certified Administrator
Degree in Computer Science, Education, Technical, Engineering, Information Technology, Information Systems, Administration, Business, Science, Technology
The job holder will need to be vetted for security purposes.Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
About the company
Transforming the way we live Electronic payments have the ability to create a world with greater opportunities for all. To take us beyond borders, to new markets. Beyond mere moments, to meaningful experiences. That's the power of a World Beyond Cash®. And that's Priceless®.
Notice
Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.
Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.
An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.