As one of the world’s leading independent global investment firms, Invesco is dedicated to rethinking possibilities for our clients. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, intelligent colleagues, and exposure across a global footprint, come explore your potential at Invesco.
Our people are at the very core of our success. Invesco employees get more out of life through our comprehensive compensation and benefit offerings including:
Flexible paid time off
Hybrid work schedule
401(K) matching of 100% up to the first 6% with a discretionary supplemental contribution
Health & wellbeing benefits
Parental Leave benefits
Employee stock purchase plan
Responsible for execution of Invesco’s enterprise vulnerability and security patch management capability across hybrid and cloud-native infrastructure. This role focuses on reducing material risk at scale through automation-first engineering, high-fidelity data, and AI-assisted prioritization, enabling faster, smarter remediation decisions across complex environments.
As part of a dedicated infrastructure security engineering team, you will play a key role in protecting Invesco’s platforms, data, and reputation by driving continuous improvement across the vulnerability lifecycle—from asset discovery and signal quality to remediation orchestration. Demonstrate through key metrics, challenges and success.
Responsibilities of the Role:You'll oversee the execution of vulnerability lifecycle automation (on-prem and cloud), accuracy and enrichment of vulnerability and asset data to improve prioritization and ownership, development of meaningful metrics, adoption and advancement of AI-assisted risk scoring, forecasting, and remediation decision support.
This role works closely with infrastructure, cloud and platform engineering teams along with global security teams.
Subject matter expert on Security patch deployment methodologies and tools based on best industry practice.
Responsible for risk assessment, deployment activities, scheduling and prioritization.
Comfortable using AI tools to classify, enrich and prioritize security data, detect anomalies and trends.
Responsible for reporting back on progress of compliance; contribute to creating metric reports that track team success. Drive accountability to ensure Invesco risk profile is maintained to zero breach in compliance.
Ensure tools used in the role to maintain accurate and effective risk profile
Identify opportunities to improve process and tools that would gain either capacity in the team or reduce time taken to close out vulnerabilities.
Provide technical assistance and lead response to audit reports, including creation of professional documents that would be shared at a senior executive level.
Act as a mentor and guide to other Team members. Deputize in the absence of line Manager whilst acting as a technical lead on cross-team initiatives.
Drive a culture of continuous improvement, experimentation and lead projects/initiatives where required.
Technical mindset with proven experience working in Infrastructure environment in the past 8-10+ years
Experience in managing cyclical security deployment program(s)
Proven experience working in any of the following technology environments; Microsoft Operating Systems, CISCO Networks, UNIX/Redhat
Worked in Financial services industry for a minimum of 5 years.
Superior written and oral communication skills, working in a global enterprise organization
Strong skill base (5+ years) using legacy Microsoft End point Management (MECM)
Demonstrate use, management and interpretation of Security scanning tools such as Wiz and Qualys
Practical experience of prioritizing remediations plans based on risk score classifications
Designing and implementing automation pipelines for patch orchestration, validation and reporting and exception handling
Leverage AI/ML techniques to identify duplicate, inaccurate or noisy vulnerability data, including forecasting emerging exploit-based risks
API-first mindset
Advanced scripting, automation in PowerShell, Python, Microsoft Power Automate
Knowledge:
Familiar with ServiceNow and ITIL Framework
Strong PowerBI, Windows Operating systems (Server and Desktop), advanced use of O365 products, in particular Excel and manipulation of extensive data sets
Proven automation / scripting-based skills to enable enterprise wide deployments or methodologies associated with
Interpret and provide written recommendations on how vulnerabilities present a threat in a multitude of Technology platforms (stated above), the challenges associated to the environment that enable gauging risk profile
Proficient in working within regulated Change Management environment, focus on risk and impact
Desirable (not essential) Red Hat Satellite Server
Deep hands-on experience, across enterprise cloud environments such as AWS and Microsoft Azure/M365 (Intune)
Solid understanding of vulnerability industry standard scoring mechanisms such as CVSS, EPSS, KEV.
Proven ability to improve fidelity of vulnerability and asset data (correlating across CMDB, Cloud discovery and scanner output).
Building and maintaining PowerBI dashboards for analytical purpose that create insight to action
Preferred Qualifications:
Industry-recognized cloud platform certifications (foundational and/or associate/advanced), across enterprise cloud environments including but not limited to;
Microsoft 365 Certified: Endpoint Administrator Associate/Expert/Security Specialization
Windows Server Hybrid Administrator Associate
Azure Administrator/Security/Hybrid/Networking
Microsoft Certified: Security Operations Analyst Associate
AWS Foundation/Associate/Professional
AWS Certified Security Specialist/DevOps/Solutions Architect
Pursuant to Invesco’s Workplace Policy, employees are expected to comply with the firm’s most current workplace model, which as of October 1, 2025, includes spending at least four full days each week working in an Invesco office. This reflects our belief that spending time together in the office helps us build stronger relationships, collaborate more easily, and support each other’s growth and development.
The above information on this description has been designed to indicate the general nature and level of work performed by employees within this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job. The job holder may be required to perform other duties as deemed appropriate by their manager from time to time.
Invesco's culture of inclusivity and its commitment to diversity in the workplace are demonstrated through our people practices. We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender, gender identity, sexual orientation, marital status, national origin, citizenship status, disability, age, or veteran status. Our equal opportunity employment efforts comply with all applicable U.S. state and federal laws governing non-discrimination in employment.
Skills Required
- 8-10+ years experience working in an Infrastructure environment
- Experience managing cyclical security deployment programs
- Experience with Microsoft Operating Systems (Server and Desktop)
- Experience with CISCO Networks
- Experience with UNIX/Red Hat
- Minimum 5 years working in Financial Services industry
- Superior written and oral communication skills in a global enterprise
- 5+ years using MECM (Microsoft Endpoint Configuration Manager)
- Experience using and interpreting security scanning tools such as Wiz and Qualys
- Practical experience prioritizing remediation plans based on risk score classifications
- Designing and implementing automation pipelines for patch orchestration, validation, reporting and exception handling
- Experience leveraging AI/ML techniques to clean and forecast vulnerability data and exploit risk
- API-first mindset and automation-focused engineering
- Advanced scripting and automation in PowerShell, Python, and Microsoft Power Automate
- Familiarity with ServiceNow and ITIL framework
- Strong PowerBI proficiency and advanced Excel/data manipulation skills
- Proven ability to improve fidelity of vulnerability and asset data (correlate CMDB, cloud discovery, scanner output)
- Proficient working within regulated Change Management environments
- Deep hands-on experience across enterprise cloud environments such as AWS and Microsoft Azure/M365 (Intune)
- Understanding of vulnerability scoring mechanisms such as CVSS, EPSS, KEV
- Red Hat Satellite Server
- Industry-recognized cloud platform certifications (Microsoft, Azure, AWS etc.)
Invesco Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Invesco and has not been reviewed or approved by Invesco.
-
Retirement Support — Retirement programs emphasize a strong 401(k) design with immediate eligibility and match vesting, alongside references to employer contributions that support long-term savings. Materials position retirement offerings as a core element of a comprehensive total-rewards package.
-
Parental & Family Support — Parental leave is positioned as a robust offering in the U.S. and EMEA, with detailed paid-leave durations previously disclosed and an emphasis on inclusive, gender-neutral policies. Company information indicates broad parental-leave availability as part of total rewards, subject to local specifics.
-
Leave & Time Off Breadth — Paid time off and holidays are highlighted as meaningful components of the package, with flexibility noted in some areas. Feedback suggests certain U.S. exempt roles use flexible or “unlimited” PTO approaches that enhance practical time-off access.
Invesco Insights
What We Do
Invesco is an independent investment management firm delivering an investment experience designed to help people get more out of life.







