Sr. Infrastructure Engineer - Patching

CIBCToronto, ON
Hybrid

About The Position

As a member of the Patching Engineering team, you will design, build, secure, and continuously improve the enterprise patch automation ecosystem used to remediate vulnerabilities and maintain platform currency at scale. This role requires deep technical understanding across infrastructure, operating systems, middleware, databases, and security operations. You will engineer automated patching workflows for Windows, Linux, middleware, and platform services using orchestration and configuration management capabilities such as Ansible Automation Platform, PowerShell, Bash, and APIs. You will build integrations with vulnerability management, CMDB, change management, monitoring, and service management platforms so that patching is risk-informed, policy-driven, observable, and auditable. You will partner with infrastructure, application, database, middleware, and security teams to define maintenance patterns, dependency handling, pre-checks, snapshots, controlled reboots, service stop/start logic, rollback strategies, and post-patch validation to enable resilient, low-touch, end-to-end automation with minimal operational risk. On an ongoing basis, the team is also responsible for identifying manual patching steps and other repetitive operational activities, then designing and delivering automations that reduce manual effort, improve consistency, and increase engineering efficiency across the supported environment. At CIBC we enable the work environment most optimal for you to thrive in your role. Details on your work arrangement (proportion of on-site and remote work) will be discussed at the time of your interview.

Requirements

  • Hands-on engineering experience.
  • Built and supported patch automation for servers and platforms, including Windows Server, Linux, middleware, databases, and supporting infrastructure.
  • Understanding of patch lifecycles, maintenance windows, dependencies, and service recovery.
  • Ability to translate requirements into resilient automated workflows.
  • Strong knowledge of automation tools and frameworks.
  • Skilled with Ansible Automation Platform and its enterprise components.
  • Build and integrate automations using reusable content, standards-based design, source control, CI/CD, and secure integration patterns.
  • Proficient in scripting and platform management.
  • Hands-on expertise with PowerShell, Python, Bash, APIs, Git workflows, and tools such as Red Hat Satellite, Windows patching solutions, Oracle Enterprise Manager, and middleware administration.
  • Comfortable with dynamic targeting, secrets handling, inventory design, environment promotion, guardrails, and infrastructure-as-code.
  • Engineer for scale and reliability.
  • Design automation with idempotency, retry logic, concurrency controls, observability, and rollback considerations.
  • Ability to troubleshoot failures across network, operating system, middleware, application, credential, and orchestration layers and drive permanent fixes rather than repeated manual intervention.
  • Digitally savvy, seeking out innovative solutions and embracing evolving technologies.
  • Ability to easily adapt to new tools and trends.
  • Passion for growing knowledge.
  • Values trust, teamwork, and accountability.

Responsibilities

  • Design and maintain reusable automation patterns for operating system, middleware, and platform patching across Windows, Linux, JBoss, Oracle Database, MQ, and related infrastructure.
  • Build orchestration that performs discovery, eligibility checks, dependency validation, drain/stop actions, patch deployment, controlled reboot or restart sequences, health verification, and rollback decisioning.
  • Translate vulnerability intelligence into actionable patching strategy by integrating scanner findings, severity, exploitability, asset criticality, and maintenance policy into execution decisions.
  • Ensure automations support auditability, segregation of duties, change controls, exception handling, and evidence capture.
  • Partner with security teams to reduce exposure windows, improve remediation SLAs, and align patching practices with enterprise security standards, hardening baselines, and regulatory requirements.
  • Engineer integrations with CMDB, ITSM, vulnerability management, endpoint management, virtualization, cloud, and observability platforms to enable intelligent targeting, maintenance window control, automated approvals, exception routing, and post-patch reporting.
  • Create telemetry, dashboards, and operational metrics for compliance, success rate, failure analysis, drift, and recovery.
  • Lead continuous improvement through root-cause analysis, tuning of automation logic, and standardization of repeatable patching services across lines of business.
  • Identify manual patching steps and other repetitive operational activities, then design and deliver automations that reduce manual effort, improve consistency, and increase engineering efficiency across the supported environment.

Benefits

  • Competitive salary
  • Incentive pay
  • Banking benefits
  • Benefits program
  • Defined benefit pension plan
  • Employee share purchase plan
  • Vacation offering
  • Wellbeing support
  • MomentMakers, our social, points-based recognition program
  • Purpose Day; a paid day off dedicated for you to use to invest in your growth and development
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service