Lead, Enterprise Patch Management Service

AESO - Calgary, AB (29 days ago)

Apply Now

The Alberta Electric System Operator is responsible for the safe, reliable, and economic planning and operation of the Alberta Interconnected Electric System. We provide open and non-discriminatory access to Alberta’s interconnected power grid and also facilitate Alberta’s competitive wholesale electricity market which, in 2017, had 291 participants and approximately $3 Billion in annual energy transactions.

Summary of Position:
The Enterprise Patch Management Service Lead is responsible for leading, administering and evolving the AESO’s Enterprise Patch Management (EPM) practice. This role is integral in ensuring that all IT-supported products and software systems / tools are proactively and methodically patched to current levels in order to reduce the risk of potential vulnerabilities or functional problems.

Crossing organizational boundaries, the Patch Management Service Leader will lead practices in the identification, evaluation, validation, deployment and verification of the application of patches, delivering services across the following service domains:

End User Computing devices (including operating systems and firmware for desktops, laptops and tablets, enterprise printers, support utilities / tools)
Enterprise Systems (including enterprise mail services, time tracking system, service management tools, custom-off-the-shelf applications and office productivity suites)
Server-based technology (including operating system, virtualization platforms, hardware firmware, server utilities / tools)
Storage technology (including storage operating system, storage firmware, SAN firmware)
Network technology (includes network and telecommunications hardware firmware, network utilities / tools)
Middleware Software (includes patches and minor service packs)
Database technology (includes all database engines, database replication and database utilities / tools)

Accountabilities:
Based on the defined Enterprise Patch Management cycle, the accountabilities for the Patch Management Service Leader include:

Patch Identification
Work with responsible operational teams (including Cybersecurity and Infrastructure & Operations) to identify and itemize applicable (based on vendor patch releases, advisories and identified vulnerabilities) patches for all IT assets and products within each of the service domains on a defined, repeatable timetable.

Evaluate / Assess Patches
Oversee activities by responsible operational teams in performing a review of the applicable patches for the identification and evaluation of risk exposure and to identify and recommend the remediation action plan for addressing the risk.

Validate and Plan for Patch Deployment
Work with responsible operational and/or delivery teams to plan and schedule the deployment of patches for each of the service domains. This will include determining the most appropriate timing and window of opportunity to deploy the patches, including through:
Monthly delivery cycles;
Quarterly application releases (to synergize with already planned activities);
Scheduled data centre outages and islanding exercises;
Opportunities through one-time project enhancements (to synergize with already planned activities).

Schedule and Deploy Patches
Following established configuration, change and release management practices, oversee the successful scheduling and deployment of patches based on the identified plan.
Deliver a consolidated report on progress and agreed-to KPI’s for all patch progress, regardless of delivery method.

Verification of Patch Deployment
Validate the plan to ensure that agree-to patches were successfully deployed within each of the service domains.
Document, communicate and plan corrective action for the remediation of any unsuccessful instances of patching.

In addition, the Patch Management Service Leader will be responsible for:

Coordination of EPM and ongoing operational and project activities and releases
Providing and maintaining an in-depth understanding of patch management processes and practices, identifying to management opportunities for the improvement of current practices.
Interact with management and operational teams to develop, support, and refine the services, while recognizing unique requirements and constraints of each domain
Establish and maintain processes and procedures that ensure compliance with all applicable IT controls.
Developing and maintaining working knowledge of cybersecurity risk management processes and controls.
Determine and identify resource requirements to perform all functions within the patch management service to ensure effective patch management service operations.
Maintaining an acute focus on the delivery of patch management services, including overseeing the performance of delivery teams in the identification, evaluation, planning, deployment and verification of patch activities.
Lead teams through all aspects of the patch management lifecycle and effectively manage risk through proper identification and management to resolution for issues and concerns.
Develop KPIs and reporting, including actionable insights on service operations / delivery, to various stakeholders regarding patch management service operations and performance.
Ensure patch management service operations meet stated goals and KPIs, and are delivering according to appropriate service level objectives.
Support management in the identification and tracking of budget and cost management for the patch management services.

Education / Degree / Certification:
Bachelors (or above) degree in Computer Science, IT or related field
Certification in ITIL Foundations preferred

Job Experience:
10 years of diverse IT experience in IT operations and project delivery with strong working knowledge of patch management tools and techniques
Strong working knowledge and experience with ITIL processes especially Asset and Configuration Management
Demonstrated ability to lead and operate effectively within a highly matrixed organization
Execution focused / results oriented team player with a ‘can-do’ attitude
A self-starter who is highly organized, is hands-on and overall a team player
Broad exposure to IT technology in developing well-rounded knowledge and understanding
Knowledge of technical product management techniques
Knowledge of reporting and tracking tools
Superior skills of influencing, negotiation, diplomacy
Demonstrates attention to detail, and is able to organize and maintain a system of record ensuring accuracy and consistency of a document or data
Ability to prioritize and manage a number of tasks simultaneously; perform a wide variety of tasks, and change focus quickly as demands change; adapt to varying client and project needs
Strong desire to continuously learn and take on new challenges
Good working knowledge of Microsoft Office products
Knowledge of project management fundamentals, especially in estimating, planning and controlling functions and duties

Application deadline: November 27, 2018 at 11:59pm MDT via our careers site

The Alberta Electric System Operator, and its members, officers, employees and agents (collectively, the "AESO") is committed to protecting personal information provided to it. By submitting your personal information to the AESO for the purpose of pursuing employment with the AESO, you hereby consent to the collection, use and disclosure of your personal information by the AESO, in accordance with the provisions of the Freedom of Information and Protection of Privacy Act of Alberta, as amended from time to time.