Job Description

Prudential\'s purpose is to help people get the most out of life. We will deliver our purpose by creating a culture in which diversity is celebrated and inclusion assured, for our colleagues, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and in exchange, we support our people\'s career ambitions. We pledge to make Prudential a place where you can Connect, Grow and Succeed.

The patch and vulnerability management are an ongoing, regular operations process of identifying, assessing, managing, remediating operating systems cyber vulnerabilities. The Patch & Vulnerability Management SME provides technical leadership in overseeing and managing the patch management process within Prudential group to protect Mission Critical Systems and Services to avoid unforeseen disruptions. This role will be primarily responsible for ensuring that all software and systems are up to date with the latest patches and hotfixes, minimizing security vulnerabilities, and maintaining optimal system performance. He/she will lead and manage a team of outsourced engineers to manage the end-to-end patch management activities. The role also requires close collaboration with various teams to develop and implement effective patch management strategies and ensures compliance with industry standards and best practices. The ideal candidate is expected to provide complex patch management program leadership within the enterprise and continuously promotes strong partnerships between Group Technology Operations (GTO) team and LBUs. This position is responsible for overseeing the effective IT operations following company risk management frameworks, and ensure alignment with the organisation\xe2\x80\x99s rapid growth and increasing regulatory requirements.

Roles and Responsibilities:

Provide domain and subject matter expertise in vulnerability and patch management.

Design, develop, review, and maintain a comprehensive patch management strategy and practice for the overall IT operations environment, considering security, operational, and business requirements.

Conduct regular patch management and vulnerability assessments to identify potential security risks and prioritize patching based on criticality, urgency, and impact. Such assessment should cover all layers of enterprise infrastructure, endpoints, server hardware, operating systems, and applications.

Collaborate with the security team to evaluate the risk associated with unpatched vulnerabilities and recommend appropriate mitigation strategies.

Closely collaborate with colleagues in Group Information Security & Privacy (GISP) team to review guidelines, policies, and procedures for patch management activities and ensure adherence across the organisation.

Review and coordinate the deployment of patches, updates, and security fixes across all systems, applications, and infrastructure.

Establish and/or enhance a standardised thorough testing process to verify the compatibility and stability of patches before deployment to production environments.

Work closely with infrastructure, application, security, and BU IT teams to schedule and implement patching activities with minimal impact on business operations.

Prepare detailed reports, metrics, and insights on patch compliance, analyse vulnerability remediation progress, and system performance to management and stakeholders. Regularly communicate the progress of patch management initiatives to senior leadership.

Analyse threats, vulnerability feeds, patch management gaps and propose continuous improvement / remediation plans.

Demonstrating system health and patching / vulnerability remediation compliance status based on predefined standards and routine maintenance of patch management.

Provide support during incident response efforts related to vulnerabilities or issues arising from patching activities.

Investigate and troubleshoot patch-related problems, collaborating with relevant teams to identify root causes and implement corrective actions.

Work within the change management and service management processes within Group Technology teams for all patch management coordination and execution.

Support the production of change risk assessments planned by Group Technology teams performing patch management and be able to present the changes to Change Advisory Boards, both internal and external.

Support technical evaluation and evidence for security assessments and audits.

Staying updated on new developments, emerging threats and vulnerabilities in cybersecurity standards, best practices and technologies related to patch management.

Desirable Qualifications, Skills and Experience;

Bachelor\xe2\x80\x99s degree and/or advanced diploma in IT related or relevant field.

At least 10 years of experience in Information Technology Operations, Engineering and/or IT Security function.

8 or more years of proven experience in IT patch management, vulnerability remediation, patch deployment experience, or a similar role.

Proven track record in developing and implementing a vulnerability and patch management program utilising a Vulnerability and Patch Management Framework such as NIST Cybersecurity Framework.

Demonstrated knowledge in systems vulnerability management and system hardening to mitigate Common Vulnerability and Exposures (CVE).

Strong knowledge of software patching methodologies and deployment tools such as SCCM, Red Hat Satellite and Jamf is preferred.

Solid experience in managing patch management for enterprise-wide Operating Systems such as Microsoft, Linux, AIX, AS400, Endpoint Protection software & tools.

Familiarity with vulnerability assessment tools (Qualys, Nessus, etc.) and techniques is a plus.

Experience with patch management automation systems and deployment methodologies.

Solid understanding of legacy and modern IT Infrastructure architectures & related technologies, network/web related protocols, security principles, and common security vulnerabilities.

Excellent communication and collaboration skills to work effectively with cross-functional teams, and manage stakeholder engagement.

Must understand cloud computing and IAAS services from patch management aspect.

Solid experience in project management and execution in IT Infrastructure / Operations.

Sound knowledge in ITIL, IT operations, project methodology and tools.

Self-driven & motivated, tenacious problem solver will own issues until full resolution.

Ability to carry out tasks to a high standard with a strong eye for attention to detail and thorough approach to their work.

Demonstrate strong analytical and problem-solving skills, excellent judgement, and possess a passion for continuous learning.

Background in regulated global companies a plus (financial institutions, pharmaceutical, healthcare, or similar).

Experience managing and working with MSP, minimum of 3 years of experience managing diverse technical teams

Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.

Prudential