Devoteam Cyber Trust | Patch Management Officer | Financial Sector

Porto - Portugal

Monthly Salary: Not Disclosed

Posted on: 30-10-2025

Vacancies: 1 Vacancy

Job Summary

We are looking for a Patch Management Officer to lead the planning coordination and monitoring of patching activities across our IT environment. This role is focused on ensuring timely and effective patch deployment by working closely with infrastructure and security teams rather than executing the patches directly. The ideal candidate will have strong organizational and analytical skills a solid understanding of patch management processes and tools and experience in overseeing patch cycles in complex or regulated environments.

Develop patch deployment schedules and maintenance windows.
Coordinate with IT teams to plan and test patch rollouts.
Minimize disruption to business operations during patch implementation.
Vulnerability Management Support
Collaborate with the cybersecurity team to align patching with vulnerability scans.
Address vulnerabilities identified in external or internal assessments.
Ensure remediation timelines are met according to risk thresholds.
Monitor patch deployment success rates and failures.
Generate compliance and audit reports.
Track and report on unpatched systems or delayed updates.
Evaluate optimization in patch management tools and platforms.
Evaluate and recommend patch management technologies.
Ensure patch tools are updated and properly configured.
Work closely with infrastructure application and security teams.
Work with application owners and system admins to validate patch outcomes.
Communicate patch impacts and timelines to stakeholders.
Escalate unresolved or high-risk issues to management.
Manage and document patch exceptions and delays.
Conduct risk assessments for systems that cannot be patched.
Recommend and apply compensating controls as needed.
Maintain up-to-date patch management policies and procedures.
Document patching activities exceptions and rollback plans.
Ensure compliance with regulatory or industry standards (e.g. ISO 27001 NIST PCI-DSS).

Qualifications :

5 years experience in IT operations systems administration or information security roles.
Experience working in environments subject to audits and regulatory compliance (e.g. finance healthcare government) is a plus.
Familiarity with ITIL or similar frameworks.
Understanding of change management and incident escalation processes.
Knowledge of frameworks and compliance standards (e.g. ISO 27001 NIST PCI-DSS CIS).
Awareness of cybersecurity best practices.
Basic to intermediate knowledge of networking firewalls and endpoint devices.
Understanding of virtualization platforms (VMware Hyper-V) and cloud infrastructure (AWS Azure GCP).
Concepts and processes of patch lifecycle management.
Understanding of vulnerability scoring systems (e.g. CVSS).
Familiarity with vulnerability assessment tools (e.g. Tenable Qualys Rapid7).
Ability to assess the impact of missing patches and prioritize based on business risk.
Identify systems vulnerable to known exploits and determine mitigation actions.
Strong verbal and written communication skills to liaise with IT Security and Business Units.
Ability to explain technical details to non-technical stakeholders.
Skilled in creating patch reports compliance dashboards and documentation.
Attention to detail for maintaining audit trails and policy compliance records

Additional Information :

The Devoteam Group works for equal opportunities promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.

Join us in our mission to safeguard our clients critical digital assets by contributing your skills to a dedicated and expert team.

Apply now to grow your career and make a tangible impact as a key member of our Cybersecurity Engineering
Professional Services team!

Remote Work :

Employment Type :

Full-time

Develop patch deployment schedules and maintenance windows.
Coordinate with IT teams to plan and test patch rollouts.
Minimize disruption to business operations during patch implementation.
Vulnerability Management Support
Collaborate with the cybersecurity team to align patching with vulnerability scans.
Address vulnerabilities identified in external or internal assessments.
Ensure remediation timelines are met according to risk thresholds.
Monitor patch deployment success rates and failures.
Generate compliance and audit reports.
Track and report on unpatched systems or delayed updates.
Evaluate optimization in patch management tools and platforms.
Evaluate and recommend patch management technologies.
Ensure patch tools are updated and properly configured.
Work closely with infrastructure application and security teams.
Work with application owners and system admins to validate patch outcomes.
Communicate patch impacts and timelines to stakeholders.
Escalate unresolved or high-risk issues to management.
Manage and document patch exceptions and delays.
Conduct risk assessments for systems that cannot be patched.
Recommend and apply compensating controls as needed.
Maintain up-to-date patch management policies and procedures.
Document patching activities exceptions and rollback plans.
Ensure compliance with regulatory or industry standards (e.g. ISO 27001 NIST PCI-DSS).

Qualifications :

5 years experience in IT operations systems administration or information security roles.
Experience working in environments subject to audits and regulatory compliance (e.g. finance healthcare government) is a plus.
Familiarity with ITIL or similar frameworks.
Understanding of change management and incident escalation processes.
Knowledge of frameworks and compliance standards (e.g. ISO 27001 NIST PCI-DSS CIS).
Awareness of cybersecurity best practices.
Basic to intermediate knowledge of networking firewalls and endpoint devices.
Understanding of virtualization platforms (VMware Hyper-V) and cloud infrastructure (AWS Azure GCP).
Concepts and processes of patch lifecycle management.
Understanding of vulnerability scoring systems (e.g. CVSS).
Familiarity with vulnerability assessment tools (e.g. Tenable Qualys Rapid7).
Ability to assess the impact of missing patches and prioritize based on business risk.
Identify systems vulnerable to known exploits and determine mitigation actions.
Strong verbal and written communication skills to liaise with IT Security and Business Units.
Ability to explain technical details to non-technical stakeholders.
Skilled in creating patch reports compliance dashboards and documentation.
Attention to detail for maintaining audit trails and policy compliance records

Additional Information :

Join us in our mission to safeguard our clients critical digital assets by contributing your skills to a dedicated and expert team.

Apply now to grow your career and make a tangible impact as a key member of our Cybersecurity Engineering
Professional Services team!

Remote Work :

Employment Type :

Full-time

Key Skills

Internal Audit
Financial Performance
Financial Goals
Financial Policies
Journal Entries
Accounting
General Ledger Accounts
Financial Statements
Financial Transactions
Financial Procedures
Annual Budget
Ensure Compliance
Powerpoint
CPA
Financial Management

Apply Now

About Company

Devoteam

Devoteam is a AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability. Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value. With over 11,000 tech architects in more than 25 co ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click