Lead Architect – Patching Automation
- Location: Toronto, ON
- Pay Rate: $115/hr
- Contract Length: 6 Months
We at Raise are hiring a Lead Architect – Patching Automation for one of our top clients. After establishing themselves as an industry leader, they’re now expanding their team to meet rising demand. We’re hiring right now; if you’re interested, apply below for your chance to join a great place to work.
Responsibilities:
1) Patching Automation Architecture & Playbook Development
• Define the target architecture for enterprise patch automation across server, middleware, database, and application layers.
• Lead the design and development of Ansible-based playbooks for end-to-end patch orchestration.
• Provide deep technical leadership on:
o Ansible Automation Controller
o Event-Driven Automation
o Job templates and workflow templates
o Dynamic inventory design and management
o Credential and secrets handling
o Reusable role/module design
• Oversee the complete patch automation lifecycle, including:
o Patch scheduling and triggering
o Pre-checks and dependency validation
o Patch deployment and orchestration
o Reboot coordination where required
o Post-patch validation and reporting
o Exception handling and rollback considerations
• Partner with database and middleware SMEs to incorporate platform-specific checks, dependencies, and maintenance requirements into the automation framework.
2) Service Integrations & Event-Driven Operations
• Architect and implement integrations between the patching framework and enterprise platforms using APIs, webhooks, and event-driven mechanisms.
• Enable seamless workflow integration with tools such as:
o ServiceNow
o PagerDuty
o Dynatrace
• Design automation triggers based on operational events, change approvals, maintenance windows, incident states, and monitoring alerts.
• Ensure the patching platform can create, update, and reconcile records across integrated systems for change management, incident management, notifications, and operational visibility.
• Define integration patterns, data flows, and interface contracts to support reliable and secure interoperability.
3) DevSecOps, GitOps & Release Governance
• Establish GitOps-based development standards and branching strategies for automation code.
• Define best practices for:
o Source control
o Peer review
o Versioning
o Code quality
o Reusability and modular design
• Lead the design of code promotion pipelines across development, test, staging, and production environments.
• Embed security, compliance, and auditability into the automation delivery lifecycle.
• Define observability standards for automation execution, including:
o Metrics
o Logging
o Dashboards
o Alerting
o Success/failure analytics
• Partner with DevOps and security teams to ensure automation adheres to enterprise controls and policy requirements.
4) COTS / 3rd Party Application Patching
• Design and govern a patching approach for Windows and RHEL servers hosting commercial off-the-shelf (COTS) / third-party applications.
• Define a COTS patching framework that accounts for application dependencies, agent deployment, service restarts, maintenance windows, and validation checkpoints.
• Architect automation for:
o Agent installation and upgrade
o Application-aware pre-checks
o Patch execution sequencing
o Post-patch health validation
o Compliance and evidence collection
• Coordinate with application owners and support teams to ensure vendor-specific patching requirements are addressed.
• Develop standards for pre- and post-patch verification to minimize operational risk and improve service stability.
5) Leadership, Governance & Stakeholder Engagement
• Act as the technical lead and architecture authority for the patching automation initiative.
• Drive architecture reviews, design decisions, technical standards, and implementation governance.
• Collaborate across infrastructure, operations, security, application support, platform engineering, and enterprise architecture teams.
• Mentor engineers and automation developers on design patterns, coding standards, and platform best practices.
• Communicate architecture, risks, dependencies, and roadmap updates to senior stakeholders and program leadership.
Required Qualifications:
• 10+ years of experience in infrastructure automation, systems engineering, platform engineering, or enterprise architecture roles.
• 5+ years of hands-on experience designing and implementing enterprise automation solutions using Ansible.
• Deep expertise with:
o Ansible Automation Controller
o Event-Driven Automation
o Playbook, role, and template development
o Dynamic inventory management
• Strong experience with REST APIs, integration architecture, and event-driven automation patterns.
• Hands-on knowledge of enterprise service management and operational tools, especially:
o ServiceNow
o PagerDuty
o Dynatrace
• Strong understanding of GitOps, branching strategies, CI/CD, and code promotion models across environments.
• Experience building observability and reporting capabilities for automation platforms.
• Strong background in Windows Server and RHEL administration and patching practices.
• Experience supporting patch automation for third-party/COTS applications in enterprise environments.
• Solid understanding of pre-check, post-check, validation, rollback, and operational recovery patterns.
• Proven ability to work across technical domains including infrastructure, middleware, database, security, and operations.
Preferred Qualifications:
• Experience in highly regulated or large-scale enterprise environments.
• Knowledge of vulnerability remediation and compliance-driven patching programs.
• Familiarity with middleware and database patch coordination.
• Experience with secrets management and secure credential handling in automation platforms.
• Exposure to enterprise scheduling, orchestration, and CMDB-driven automation models.
• Relevant certifications in Ansible, Red Hat, cloud, DevOps, or enterprise architecture.
Looking for meaningful work? We can help!
Raise is an established hiring firm with over 65 years of experience. We believe strongly in making the world a better place through work, which is why we’re a certified B Corporation and donate 10% of our profits to charity.
We strive to build teams that reflect the diversity of the communities we work in. We encourage all qualified applicants to apply, including people from traditionally underrepresented groups such as women, visible minorities, Indigenous peoples, people identifying as LGBTQ2SI, veterans, and people with visible/nonvisible disabilities.
We have a dedicated webpage for accommodations where you can learn more about what we offer and request accommodation: https://raise.jobs/accommodations/
In order to submit candidates for roles, our clients will sometimes require personal information to confirm the identity of applicants and their legal status to work. Raise will never ask you for personal or banking information unless you have been selected for a job. If you are ever unsure about the legitimacy of this or another job posting by Raise (or have any other questions), please contact us at +1 800-567-9675 or hello@raiserecruiting.com