Company:
Sopra Steria is a listed European tech leader specializing in Consulting, Digital Services, and Software. With 60,000 employees worldwide across Europe, North America and Asia, Singapore serves as the HQ for our APAC operations. We focus on delivering Infrastructure, Cloud and Cybersecurity services across the region.
Description:
This role is for a technical support position and he/she will be responsible to oversees Middleware Vulnerability Management. They must plan and rectify middleware products security vulnerabilities. He/she will help ensure the quality of Core Middleware services remains consistently high and Create Middleware management reporting and dashboard and adhere to all IT security policies to maintain system integrity and quality.
The candidate must have excellent technical knowledge matched by a “can do” hands-on attitude to develop automatic process to generate reports and dashboard and always work to minimize operational risk. Also capable of develop scripts to manage repetitive or mass deployment tasks. The successful candidate will be a member of a dynamic IT team and will work with other IT teams in Asia, Europe and Americas, so must possess strong organization skills, have good time management and excellent written and communication skills.
Responsibilities:
Responsible for the overall Middleware Vulnerability Management of Core Middleware systems in APAC (infrastructure in Singapore, Hong Kong, Japan and China) and regional oversight of the rest of APAC countries.
Must have a mindset to provide continuous team and service improvements, be risk adverse in change management, focus on mitigating middleware vulnerabilities and be eager to improve the monitoring, efficiency, reliability, capacity and quality of all IT services.
Strive to ensure 100% uptime for all Core Middleware systems infrastructure in APAC, taking into account business requirements.
Able to plan, test and execute Production changes successfully following a robust Change Management process.
Responsible for updating all live production documentation under their scope.
Has direct hands on experience managing to reduce hardware and software obsolescence across IT.
Business relationships:
Work closely with all major stakeholders of the Core Middleware Systems, and any team(s) with direct influence and dependencies.
Must build a strong relationship with our internal customers in APAC.
Have proven experience working collaboratively with all teams across all departments and refusing to work in silo mode.
Follow all Security policies
Contribute to management reports and dashboards
Report all variances from Norms and Standards
Ensure and practice all production Disaster Recovery and BCP processes are in place
Governance:
Follow Security policies
Contribute to management reports and dashboards
Report all variances from Norms and Standards
Ensure and practice all production Disaster Recovery and BCP processes are in place
Requirements
Essential Technical Knowledge/Skills:
At least 5 - 7 years of technical experience in following middleware technologies listed below
Open source Apache HTTP Server (2.4.x)
Open source Tomcat application Server (8.x, 9.x)
Microsoft IIS server (IIS 8.5, 10)
REDHAT Jboss EWS (Apache / Tomcat 5.x)
REDHAT EAP application server (EAP 7.x)
IBM WebSphere Application server BASE \& ND (8.x, 9.x)
IBM WebSphere MQ server (8.x, 9.0, 9.1, 9.2)
Oracle WebLogic server (12.x, 14.x)
Analysis, remediation planning and execution for all overdue vulnerabilities for IBM MQ, IBM WAS, Apache, Tomcat, Jboss EAP/EWS products.
Analysis, remediation planning and execution for all Critical compliance deviations on Digital Platform assets, and ideally on High deviations for IBM MQ, IBM WAS, Apache, Tomcat, Jboss EAP/EWS.
Enhancement of the current processes for remediationd for all APAC assets where the remediation owner is Digital Platform (include assets provided to and supported for CIB, WM, Cardif entities), on the vulnerability management and compliance management remits.
Continuous improvement of the security watch process for the products under APAC Digital Platform management, to pro-actively plan for patching.
Experience in creating and producing reports and Dashboard.
Obtain skill for reporting : Tableau / Power query / Excel Micro programing / PowerBI / SQL query / Python / API
Optional skill set: Prometheus / Grafana / Kibana / ELK
Obtain skill for automation: Ansible scripting + Ansible tower
Middleware skill: IBM MQ, IBM WAS, Apache, Tomcat, Jboss EAP/EWS
Oversight of the Vulnerability \& Compliance Deviation remediation for the locally-managed network gears.
To apply security vulnerability fixes on timely manner as per business needs.
To apply security hardening policies for middleware production timely manner as per business needs.
Must have excellent written and verbal communication skills.
Productiveness team work and strong analytical skills.
Demonstrate a systematic and logical approach to problem-solving.
Good presentation and documentation skills.
Ability break down complex technical situations and adapt their language to all levels of discussion, from non-technical managers up to 3rd level System Experts.
Have knowledge and experience using agile methodologies and/or has been part of DevOps teams.
Be service oriented, customer focused, positive, committed and have an enthusiastic “can do” attitude.
Great time keeping skills and attention to detail is essential.
Flexibility to do shift work and some weekends or late after office hours at short notice.
Must be independent, organized, self-motivated, responsible, and able to complete tasks with little or no supervision.
Relishes taking ownership, being totally hands-on and comfortable directly interfacing with people at all levels of the organization.
Knows ITIL concepts and can apply them effectively.
Other Value-Added Competencies:
A professional certification in any of the application server technology listed.
Analytical thinking and strong diagnostic information gathering
Client-oriented, strong communication and organization skills
Initiative and multitasking
Ability to work under pressure
Having knowledge in ansible / good scripting skills in PowerShell, Python or other programming languages is an added advantage.
Benefits
Regular team buildings
18 leave days / year
Insurance: GP, Hospitalisation, Dental and Optical
Annual bonus
Working hours: from 9am to 6pm, Monday to Friday
Training and certifications paths