Specialist Patch Management at CRDB Bank Tanzania

To ensure the timely and effective deployment of software patches across the organization’s IT infrastructure, mitigating security risks and maintaining operational integrity. This role involves monitoring patch releases, evaluating their relevance, testing for compatibility, and coordinating deployment schedules to minimize business disruption. The specialist also ensures patch compliance, maintains detailed documentation, and collaborates with system administrators and Cybersecurity teams to align patching activities with organizational policies and regulatory requirements.

Principle Responsibilities

• Participate in the design and maintenance of comprehensive patch management strategies aligned with the Bank’s security policies, compliance and operational requirements.
• Manage and deploy patches using tools like WSUS, SCCM, Manage Engine Patch Manager, OS/application.
• Test patches in controlled environments to ensure compatibility and stability before deployment to production systems.
• Manage automated patch deployment tools to streamline updates across endpoints, servers, and network devices.
• Ensure all patching activities follow established change management policies and procedures and are properly documented.
• Develop patch schedules that minimize business disruption while addressing system vulnerabilities promptly.
• Generate regular reports on patch compliance, success rates, and outstanding vulnerabilities for different stakeholders as may be required.
• Support internal and external audits and providing evidence of patching activities and compliance with regulatory standards (e.g., ISO 27001, PCI-DSS).
• Assist in incident response efforts by rapidly deploying emergency patches or configuration changes during active threats.
• Document and manage exceptions for systems that cannot be patched due to operational constraints, ensuring compensating controls are in place.
• Maintain a repository of patching procedures, known issues, and resolutions to support continuous improvement and knowledge sharing.
• Provide training and guidance to IT staff on patching best practices and tools usage.
• Regularly review and refine patch management processes to enhance efficiency, reduce risk, and adapt to evolving technologies.

Qualifications Required

• The candidate must have a bachelor’s degree in information technology, computer science, cybersecurity, or a related field.
• A minimum of 3 years of experience in patch management or IT systems administration is required.
• Desired certifications include ITIL Foundation, CISA/CISM, and Microsoft, Linux, or Oracle-based certifications.
• Experience with Oracle, SQL Server, PostgreSQL, and MariaDB databases is necessary.
• The candidate should have experience in scripting, such as PowerShell or Bash, to automate patch deployment and reporting.
• Experience working within structured change control environments is essential. An in-depth understanding of Windows, Linux, macOS, and other custom operating system environments is required.
• Familiarity with patching mechanisms and update cycles for different platforms is important.
• Proficiency with tools like Microsoft SCCM, WSUS, ManageEngine, Tenable, and Nessus is expected.
• The ability to interpret vulnerability scan results from Nessus, ManageEngine, or vendor sources is necessary.
• An understanding of CVSS scores, CVEs, and how to prioritize patches based on risk is required. Familiarity with ITIL frameworks and how patching fits into change, incident, and problem management is important.
• Knowledge of security frameworks and compliance requirements such as ISO 27001, NIST, and PCI-DSS is expected.
• An understanding of how patching supports broader cybersecurity and corporate goals is necessary.
• An in-depth understanding of patch management processes and lifecycle is required.
• Experience with patch management tools like SCCM, WSUS, ManageEngine, or similar is essential.
• The ability to evaluate, test, and deploy patches across diverse systems, including internal and internet-facing systems, web, and mobile platforms, is necessary.
• Familiarity with compliance requirements and patch reporting standards is expected.
• Strong troubleshooting skills for patch deployment issues in multi-environment systems such as Linux, Unix (AIX), Windows, Oracle, SQL Server, PostgreSQL, MariaDB databases, middleware like WebLogic, JBoss, WebSphere, IBM MQ, different OS network devices, VMware, and ESXi are required.
• The ability to manage patch cycles, timelines, and compliance deadlines is essential.

CRDB Commitment

CRDB Bank is dedicated to upholding Sustainability and ESG practices and encourage applicants who share this commitment. The Bank also promotes an inclusive workplace, hence applications from women and individual with disabilities are encouraged.

It is important to note that CRDB Bank does not charge any fees for the application or recruitment process, and any requests for payment should be disregarded as they do not represent the bank’s practices.

Only Shortlisted Candidates will be Contacted.

Deadline

2025-08-13

Employment Terms

PERMANENT