Who We are Looking For:

This role will be member of the Global Infrastructure Operations Continuous Service Improvement (CSI) team as part of 247365 Production Management organization. An organization that delivers highly secure, reliable, efficient infrastructure technology operations services that are focused on the needs of all State Street business. Responsible for delivering continuous improvement across various infrastructure operations towers by supporting the ITIL framework to improve processes, which ultimately improve our business.

We are seeking a proficient Infrastructure Tools Vulnerability Remediation Specialist to join our team, tasked with identifying, prioritizing, and addressing vulnerabilities within our infrastructure tools and software stack. The ideal candidate will possess strong analytical skills, a deep understanding of infrastructure tools, and experience in vulnerability management and remediation.

What you will be responsible for:

The right person for this role will have a strong track record of program management experience, the demonstrated ability to deliver multiple high priority projects simultaneously, the ability to drive alignment across teams with competing priorities and be a strong advocate for risk management.

Job Responsibilities:

Conduct regular assessments and scans of infrastructure tools and software (e.g., monitoring tools, configuration management systems, automation

frameworks) to identify vulnerabilities, security weaknesses, and misconfigurations.

Collaborate with system administrators, DevOps engineers, and IT teams to prioritize and remediate identified vulnerabilities based on risk assessment and business impact.

Research security advisories, vendor patches, and industry best practices related to infrastructure tools to stay informed about emerging threats and patches.

Develop and maintain patch management processes, procedures, and automation scripts to facilitate timely and efficient patch deployment across infrastructure toolsets.

Coordinate with tool vendors, support teams, and stakeholders to test and validate patches for compatibility, functionality, and performance before deployment in production environments.

Monitor patch deployment progress, track remediation status, and maintain accurate records of patching activities and compliance.

Provide technical guidance and support to IT teams and stakeholders regarding patching procedures, infrastructure tool security best practices, and mitigation strategies for identified vulnerabilities.

Perform root cause analysis of security incidents and breaches related to infrastructure tool vulnerabilities and implement corrective actions to prevent recurrence.

Conduct vulnerability trend analysis and reporting to identify common vulnerabilities, recurring issues, and areas for improvement in the patch management process.

Stay abreast of emerging technologies, security trends, and industry developments in infrastructure tool security to continuously enhance the organization's security posture.

What we value

Bachelor's degree in computer science, information technology, or related field.

10 years of experience in infrastructure tools management, with a focus on vulnerability management and remediation.

Strong understanding of infrastructure tools and software, including monitoring, configuration management, and automation tools.

Experience with vulnerability assessment tools, patch management systems, and scripting languages for automation (e.g., Bash, PowerShell).

Knowledge of security principles, encryption, access controls, and audit mechanisms related to infrastructure tools.

Excellent analytical and problem-solving skills with the ability to prioritize and manage multiple tasks in a dynamic environment.

Effective communication skills with the ability to collaborate across teams and convey technical information to non-technical stakeholders.

Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or ITIL Foundation are a plus.

This position offers the opportunity to play a critical role in maintaining the security and resilience of our infrastructure tools and software stack through proactive vulnerability management and remediation efforts. If you are passionate about infrastructure security and possess the technical expertise to address vulnerabilities effectively, we encourage you to apply.

Salary Range:
$130,000 - $212,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.


Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity