GENERAL SUMMARY

The Patch Management Specialist is responsible for supporting the Bank's endpoint patch management lifecycle to ensure timely, controlled, and compliant deployment of operating system, firmware, and application patches across the enterprise environment. This role performs endpoint patch installations, monitors patch deployment progress through completion, troubleshoots issues, coordinates remediation efforts, and conducts or supports post-patch application testing to validate system stability and business functionality.

ESSENTIAL FUNCTIONS

Patch Deployment
• Deploy security patches, updates, hotfixes, firmware, and approved software patches across endpoints and related infrastructure.
• Support patching for desktops, laptops, virtual endpoints, and other managed devices.
• Review and validate patch packages before deployment in accordance with change and release requirements.
• Execute patch deployments during approved maintenance windows.

Patch Monitoring
• Monitor patch deployment through completion across assigned endpoints.
• Identify and resolve failed, incomplete, or non-compliant installations promptly.
• Escalate persistent failures, compatibility issues, or deployment anomalies to the appropriate teams or vendors.
• Maintain patch compliance dashboards, reports, and status updates for management.
• Track exceptions, offline devices, and deferred patches to ensure closure or documented risk acceptance.

Post-Patch Validation
• Perform or coordinate post-patch testing to confirm functionality, compatibility, and stability.
• Verify that critical applications, endpoint security tools, and productivity services function as expected after patching.
• Document testing results, issues, remediation steps, and final resolution.
• Partner with application owners and support teams to resolve patch-related incidents and service impacts.

Governance and Compliance
• Adhere to IT governance, information security, and change management policies during patching activities.
• Maintain accurate documentation of patch schedules, procedures, outcomes, exceptions, and remediation.
• Support audits, regulatory reviews, and management reporting with evidence of patch execution and control effectiveness.
• Help maintain patch management procedures, standards, and runbooks.
• Ensure patching aligns with vulnerability management priorities and enterprise risk expectations.

QUALIFICATIONS

Education
• Bachelor's degree in information technology, Computer Science, Information Systems, Cybersecurity, or a related field preferred.
• Relevant certifications are a plus, such as Microsoft, endpoint management, ITIL, cybersecurity, or systems administration credentials.

Experience:
• Minimum 5 years of experience in patch management, endpoint administration, systems administration, desktop engineering, or a related IT operations role.
• Experience with enterprise endpoint patch deployment and remediation in a controlled production environment using Intune and SCCM.
• Experience monitoring patch compliance and resolving deployment issues.
• Experience supporting post-patch testing and validation of endpoint and application functionality.
• Experience in formal IT governance, change management, and audit/compliance environments preferred.

Skills/Ability:
• Strong knowledge of endpoint patch management tools, processes, and best practices.
• Knowledge of Windows endpoints, common enterprise applications, and endpoint management platforms, specifically SCCM and Intune.
• Familiarity with vulnerability remediation and coordination with cybersecurity teams.
• Ability to troubleshoot patch failures, compatibility issues, and endpoint performance problems.
• Strong analytical skills to track, monitor, and report patch deployment metrics.
• Understanding of change management, incident management, and operational support processes.
• Ability to perform structured application testing and document results accurately.
• Strong organizational skills and attention to detail.
• Effective written and verbal communication skills.
• Ability to manage multiple priorities and meet deadlines in a fast-paced environment.
• Strong collaboration skills with technical teams and business stakeholders.
• Familiarity with endpoint security and vulnerability management tools.
• Scripting or automation experience to support patch deployment and reporting is a plus.
• Experience in banking, financial services, or other regulated environments preferred.

OTHER DETAILS

$47.40 - $50.05 / hour
Pay determined based on job-related knowledge, skills, experience, and location.
This position may be eligible for a discretionary bonus.

Cathay Bank offers its full-time employees a competitive benefits package which is a significant part of their total compensation. It is our goal to provide employees with a comprehensive benefits package to fit their needs which includes, coverage for medical insurance, dental insurance, vision insurance, life insurance, long-term disability insurance, and flexible spending accounts (FSAs), health saving account (HSA) with company contributions, voluntary coverages, and 401(k).