About Invesco

As one of the world’s leading independent global investment firms, Invesco is dedicated to rethinking possibilities for our clients. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, intelligent colleagues, and exposure across a global footprint, come explore your potential at Invesco.

About the Role:

Responsible for execution of Invesco’s enterprise vulnerability and security patch management capability across hybrid and cloud-native infrastructure. This role focuses on reducing material risk at scale through automation-first engineering, high-fidelity data, and AI-assisted prioritization, enabling faster, smarter remediation decisions across complex environments.

As part of a dedicated infrastructure security engineering team, you will play a key role in protecting Invesco’s platforms, data, and reputation by driving continuous improvement across the vulnerability lifecycle—from asset discovery and signal quality to remediation orchestration. Demonstrate through key metrics, challenges and success.

Responsibilities of the Role:

You'll oversee the execution of vulnerability lifecycle automation (on-prem and cloud), accuracy and enrichment of vulnerability and asset data to improve prioritization and ownership, development of meaningful metrics, adoption and advancement of AI-assisted risk scoring, forecasting, and remediation decision support.

This role works closely with infrastructure, cloud and platform engineering teams along with global security teams.

• Subject matter expert on Security patch deployment methodologies and tools based on best industry practice.

• Responsible for risk assessment, deployment activities, scheduling and prioritization.

• Comfortable using AI tools to classify, enrich and prioritize security data, detect anomalies and trends.

• Responsible for reporting back on progress of compliance; contribute to creating metric reports that track team success. Drive accountability to ensure Invesco risk profile is maintained to zero breach in compliance.

• Ensure tools used in the role to maintain accurate and effective risk profile

• Identify opportunities to improve process and tools that would gain either capacity in the team or reduce time taken to close out vulnerabilities.

• Provide technical assistance and lead response to audit reports, including creation of professional documents that would be shared at a senior executive level.

• Act as a mentor and guide to other Team members. Deputize in the absence of line Manager whilst acting as a technical lead on cross-team initiatives.

• Drive a culture of continuous improvement, experimentation and lead projects/initiatives where required.

Requirements of the Role:

• Technical mindset with proven experience working in Infrastructure environment in the past 8-10+ years

• Experience in managing cyclical security deployment program(s)

• Proven experience working in any of the following technology environments; Microsoft Operating Systems, CISCO Networks, UNIX/Redhat

• Worked in Financial services industry for a minimum of 5 years.

• Superior written and oral communication skills, working in a global enterprise organization

• Strong skill base (5+ years) using legacy Microsoft End point Management (MECM)

• Demonstrate use, management and interpretation of Security scanning tools such as Wiz and Qualys

• Practical experience of prioritizing remediations plans based on risk score classifications

• Designing and implementing automation pipelines for patch orchestration, validation and reporting and exception handling

• Leverage AI/ML techniques to identify duplicate, inaccurate or noisy vulnerability data, including forecasting emerging exploit-based risks

• API-first mindset

• Advanced scripting, automation in PowerShell, Python, Microsoft Power Automate

Knowledge:

• Familiar with ServiceNow and ITIL Framework

• Strong PowerBI, Windows Operating systems (Server and Desktop), advanced use of O365 products, in particular Excel and manipulation of extensive data sets

• Proven automation / scripting-based skills to enable enterprise wide deployments or methodologies associated with

• Interpret and provide written recommendations on how vulnerabilities present a threat in a multitude of Technology platforms (stated above), the challenges associated to the environment that enable gauging risk profile

• Proficient in working within regulated Change Management environment, focus on risk and impact

• Desirable (not essential) Red Hat Satellite Server

• Deep hands-on experience, across enterprise cloud environments such as AWS and Microsoft Azure/M365 (Intune)

• Solid understanding of vulnerability industry standard scoring mechanisms such as CVSS, EPSS, KEV.

• Proven ability to improve fidelity of vulnerability and asset data (correlating across CMDB, Cloud discovery and scanner output).

• Building and maintaining PowerBI dashboards for analytical purpose that create insight to action

Preferred Qualifications:

Industry-recognized cloud platform certifications (foundational and/or associate/advanced), across enterprise cloud environments including but not limited to;

• Microsoft 365 Certified: Endpoint Administrator Associate/Expert/Security Specialization

• Windows Server Hybrid Administrator Associate

• Azure Administrator/Security/Hybrid/Networking

• Microsoft Certified: Security Operations Analyst Associate

• AWS Foundation/Associate/Professional

• AWS Certified Security Specialist/DevOps/Solutions Architect

Full Time / Part Time

Full time

Worker Type

Employee

Job Exempt (Yes / No)

Yes

Workplace Model

Pursuant to Invesco’s Workplace Policy, employees are expected to comply with the firm’s most current workplace model, which as of October 1, 2025, includes spending at least four full days each week working in an Invesco office. This reflects our belief that spending time together in the office helps us build stronger relationships, collaborate more easily, and support each other’s growth and development.

The above information on this description has been designed to indicate the general nature and level of work performed by employees within this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job. The job holder may be required to perform other duties as deemed appropriate by their manager from time to time.

Invesco's culture of inclusivity and its commitment to diversity in the workplace are demonstrated through our people practices. We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender, gender identity, sexual orientation, marital status, national origin, citizenship status, disability, age, or veteran status. Our equal opportunity employment efforts comply with all applicable U.S. state and federal laws governing non-discrimination in employment.