Job Information
Iron Mountain Senior System Engineer in Corby, United Kingdom
At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain.
We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways.
Are you curious about being part of our growth story while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.
Senior System Engineer, IT Systems Vulnerability & Patch Managment
In this role, the Vulnerability & Patch Management Engineer will lead high priority projects and day-to-day activities related to our Vulnerability & Patch Management Program. The Vulnerability Management Engineer is expected to deliver results while maintaining positive relationships with other IT infrastructure teams and project sponsors.
The Vulnerability & Patch Management Engineer will work in a team based environment performing technical duties supporting Vulnerability & Patch Management and be responsible for executing patches and configuration updates through the production promote life cycle. The Vulnerability & Patch Management Engineer acts as a threat and vulnerability resource assisting with daily operations, specifically the remediation of identified vulnerabilities ensuring compliance and security goals. This role works with IMDC Information Security Risk Management, business teams and infrastructure teams to track, and remediate open vulnerabilities on identified systems within negotiated service levels and assure testing in the development and test environments prior to promotion to production.
For this position, we are seeking a candidate who can administer and maintain centralized patch and vulnerability management solutions to ensure end-points are compliant with Security guidelines. Performs endpoint management to provide patching and task automation of servers and desktops to maintain a secure and compliant environment. Maintains a secure, patched, upgraded, and compliant Windows and Linux environment. Troubleshoots and resolves advanced and complex technical problems to ensure minimal disruption to the client mission critical environment. Prepares technical designs and documentation (i.e., knowledgebase articles) for use by support teams.
Job Specific Responsibilities:
Monitor weekly automated scans and perform analysis of enterprise-class information systems, to include discovery scans, compliance scans, and vulnerability scans
Coordinates with Vulnerability Manager on projects to improve the Vulnerability & Patch Management Program
Meeting vulnerability remediation timeframes as documented within the IMDC Operational Standards
Reporting on compliance to vulnerability remediation policy
Subject Matter Expert for our vulnerability scanner & tools
Vulnerability research, review, and escalation
Processing exception and dispute requests
Identifying and mitigating detection and reporting gaps
Tracking and reporting test results
Responding to audit requests
Key Skills, Requirements and Competencies:
8 years working directly with vulnerability and/or patch management
Possesses a strong understanding of vulnerability management concepts such as exposure, severity, criticality, risk, and threat
Possesses an understanding of how vulnerabilities are exploited
Possesses an understanding of SCAP, CVE, CVSS, CPE, CCE, VPR, and OVAL
Demonstrates a firm grasp of the concepts of risk management and mitigation
Possesses detailed understanding of various operating systems and common applications as they relate to vulnerabilities
Possesses an understanding of virtual server and cloud environments
Possesses a strong understanding of baseline scanning and compliance reporting
Possesses an understanding of enterprise technology infrastructure, application development & maintenance, software testing, and IT architecture
Possesses experience using a variety of vulnerability scanners and managing remediation efforts
Minimum Skills & Qualifications
Reporting on required metrics (key risk and performance indicators) to measure the monitoring and remediation program
Security+, CEH, CISM preferred
Outstanding written and verbal communication skills, with a high degree of professionalism and strict attention to detail
Must be a seasoned Vulnerability Management Engineer to proactively manage, upgrade, and improve a centrally managed infrastructure and provide customer support
Demonstrated subject matter expertise with vulnerability and patch management, insider threat and incident response.
Broad knowledge in risk analysis, threat mitigation, and other security domains.
Understanding of various networking ports, protocols and services.
Scripting experience (e.g. JavaScript, Python, and Linux shell).
Network architectures including vlan, routing, firewalls, and extreme network segmentation etc.
Significant experience with Linux and Windows operating systems, including extensive knowledge of virtualization platforms
Required to have broad technical knowledge on a number of security technologies and a solid understanding of information and networking security.
Soft skills such as the ability to build relationships, build consensus, negotiate solutions, and coordinate with other work streams through their decision process
Category: Information Technology
Iron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers’ assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. Take a look at our history here.
Iron Mountain helps lower cost and risk, comply with regulations, recover from disaster, and enable digital and sustainable solutions, whether in information management, digital transformation, secure storage and destruction, data center operations, cloud services, or art storage and logistics. Please see our Values and Code of Ethics for a look at our principles and aspirations in elevating the power of our work together.
If you have a physical or mental disability that requires special accommodations, please let us know by sending an email to accommodationrequest@ironmountain.com. See the Supplement to learn more about Equal Employment Opportunity.
Iron Mountain is committed to a policy of equal employment opportunity. We recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law.
To view the Equal Employment Opportunity is the Law posters and the supplement, as well as the Pay Transparency Policy Statement, CLICK HERE
Requisition: J0074694