What You'll Be DoingAs a member of the Patching Engineering team, you will design, build, secure, and continuously improve the enterprise patch automation ecosystem used to remediate vulnerabilities and maintain platform currency at scale. This role requires deep technical understanding across infrastructure, operating systems, middleware, databases, and security operations. You will engineer automated patching workflows for Windows, Linux, middleware, and platform services using orchestration and configuration management capabilities such as Ansible Automation Platform, PowerShell, Bash, and APIs. You will build integrations with vulnerability management, CMDB, change management, monitoring, and service management platforms so that patching is risk-informed, policy-driven, observable, and auditable. You will partner with infrastructure, application, database, middleware, and security teams to define maintenance patterns, dependency handling, pre-checks, snapshots, controlled reboots, service stop/start logic, rollback strategies, and post-patch validation to enable resilient, low-touch, end-to-end automation with minimal operational risk. On an ongoing basis, the team is also responsible for identifying manual patching steps and other repetitive operational activities, then designing and delivering automations that reduce manual effort, improve consistency, and increase engineering efficiency across the supported environment.
At CIBC we enable the work environment most optimal for you to thrive in your role. Details on your work arrangement (proportion of on-site and remote work) will be discussed at the time of your interview.
How You'll Succeed- Patch Automation Engineering - Design and maintain reusable automation patterns for operating system, middleware, and platform patching across Windows, Linux, JBoss, Oracle Database, MQ, and related infrastructure. Build orchestration that performs discovery, eligibility checks, dependency validation, drain/stop actions, patch deployment, controlled reboot or restart sequences, health verification, and rollback decisioning.
- Security, Risk & Compliance - Translate vulnerability intelligence into actionable patching strategy by integrating scanner findings, severity, exploitability, asset criticality, and maintenance policy into execution decisions. Ensure automations support auditability, segregation of duties, change controls, exception handling, and evidence capture. Partner with security teams to reduce exposure windows, improve remediation SLAs, and align patching practices with enterprise security standards, hardening baselines, and regulatory requirements.
- Integrations & Reliability - Engineer integrations with CMDB, ITSM, vulnerability management, endpoint management, virtualization, cloud, and observability platforms to enable intelligent targeting, maintenance window control, automated approvals, exception routing, and post-patch reporting. Create telemetry, dashboards, and operational metrics for compliance, success rate, failure analysis, drift, and recovery. Lead continuous improvement through root-cause analysis, tuning of automation logic, and standardization of repeatable patching services across lines of business.
Who You Are- You can demonstrate hands-on engineering experience. You've built and supported patch automation for servers and platforms, including Windows Server, Linux, middleware, databases, and supporting infrastructure. You understand patch lifecycles, maintenance windows, dependencies, and service recovery, and can translate requirements into resilient automated workflows.
- You have strong knowledge of automation tools and frameworks. You're skilled with Ansible Automation Platform and its enterprise components. You build and integrate automations using reusable content, standards-based design, source control, CI/CD, and secure integration patterns.
- You are proficient in scripting and platform management. You bring hands-on expertise with PowerShell, Python, Bash, APIs, Git workflows, and tools such as Red Hat Satellite, Windows patching solutions, Oracle Enterprise Manager, and middleware administration. You're comfortable with dynamic targeting, secrets handling, inventory design, environment promotion, guardrails, and infrastructure-as-code.
- You engineer for scale and reliability. You design automation with idempotency, retry logic, concurrency controls, observability, and rollback considerations. You can troubleshoot failures across network, operating system, middleware, application, credential, and orchestration layers and drive permanent fixes rather than repeated manual intervention.
- You're digitally savvy. You seek out innovative solutions and embrace evolving technologies. You can easily adapt to new tools and trends.
- You love to learn. You're passionate about growing your knowledge, and you know that there is no limit to what you can achieve.
- Values matter to you. You bring your real self to work and you live our values - trust, teamwork and accountability.
What CIBC OffersAt CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.
- We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, defined benefit pension plan*, an employee share purchase plan, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.
- Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
- We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.
*Subject to plan and program terms and conditions
Job LocationToronto-81 Bay, 32nd Floor
Employment TypeRegular
Weekly Hours37.5
SkillsAnalytical Thinking, Client Service, Infrastructure Management (IM), Mitigated Risks, Technical Leadership, Test Environments, Vendor Management