Devoteam Cyber Trust | Patch Management Officer | Financial Sector at Devoteam

Porto, , Portugal -

Full Time

Start Date

Immediate

Expiry Date

27 Jan, 26

Salary

0.0

Posted On

29 Oct, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Patch Management, Vulnerability Management, IT Operations, Systems Administration, Information Security, Regulatory Compliance, Change Management, Incident Escalation, Cybersecurity Best Practices, Networking, Firewalls, Endpoint Devices, Virtualization Platforms, Cloud Infrastructure, Vulnerability Assessment Tools, Communication Skills

Industry

Business Consulting and Services

Description

Company Description Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries. Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients. The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries. Job Description We are looking for a Patch Management Officer to lead the planning, coordination, and monitoring of patching activities across our IT environment. This role is focused on ensuring timely and effective patch deployment by working closely with infrastructure and security teams, rather than executing the patches directly. The ideal candidate will have strong organizational and analytical skills, a solid understanding of patch management processes and tools, and experience in overseeing patch cycles in complex or regulated environments. Develop patch deployment schedules and maintenance windows. Coordinate with IT teams to plan and test patch rollouts. Minimize disruption to business operations during patch implementation. Vulnerability Management Support Collaborate with the cybersecurity team to align patching with vulnerability scans. Address vulnerabilities identified in external or internal assessments. Ensure remediation timelines are met according to risk thresholds. Monitor patch deployment success rates and failures. Generate compliance and audit reports. Track and report on unpatched systems or delayed updates. Evaluate optimization in patch management tools and platforms. Evaluate and recommend patch management technologies. Ensure patch tools are updated and properly configured. Work closely with infrastructure, application, and security teams. Work with application owners and system admins to validate patch outcomes. Communicate patch impacts and timelines to stakeholders. Escalate unresolved or high-risk issues to management. Manage and document patch exceptions and delays. Conduct risk assessments for systems that cannot be patched. Recommend and apply compensating controls as needed. Maintain up-to-date patch management policies and procedures. Document patching activities, exceptions, and rollback plans. Ensure compliance with regulatory or industry standards (e.g., ISO 27001, NIST, PCI-DSS). Qualifications 5 years experience in IT operations, systems administration, or information security roles. Experience working in environments subject to audits and regulatory compliance (e.g., finance, healthcare, government) is a plus. Familiarity with ITIL or similar frameworks. Understanding of change management and incident escalation processes. Knowledge of frameworks and compliance standards (e.g., ISO 27001, NIST, PCI-DSS, CIS). Awareness of cybersecurity best practices. Basic to intermediate knowledge of networking, firewalls, and endpoint devices. Understanding of virtualization platforms (VMware, Hyper-V) and cloud infrastructure (AWS, Azure, GCP). Concepts and processes of patch lifecycle management. Understanding of vulnerability scoring systems (e.g., CVSS). Familiarity with vulnerability assessment tools (e.g., Tenable, Qualys, Rapid7). Ability to assess the impact of missing patches and prioritize based on business risk. Identify systems vulnerable to known exploits and determine mitigation actions. Strong verbal and written communication skills to liaise with IT, Security, and Business Units. Ability to explain technical details to non-technical stakeholders. Skilled in creating patch reports, compliance dashboards, and documentation. Attention to detail for maintaining audit trails and policy compliance records Additional Information The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities. Join us in our mission to safeguard our client's critical digital assets by contributing your skills to a dedicated and expert team. Apply now to grow your career and make a tangible impact as a key member of our Cybersecurity Engineering Professional Services team!

Responsibilities

The Patch Management Officer will lead the planning, coordination, and monitoring of patching activities across the IT environment, ensuring timely and effective patch deployment. This role involves collaboration with infrastructure and security teams to minimize disruption during patch implementation and to address vulnerabilities identified in assessments.