Patch Velocity & Software Lifecycle Lead
Role details
Job location
Tech stack
Job description
Drive Patch Velocity & Remediation Performance
- Accelerate patch deployment across servers, middleware, endpoints, and application layers
- Reduce Mean Time To Patch (MTTP) and vulnerability backlog
- Ensure adherence to remediation SLAs, especially for critical and high-risk vulnerabilities
- Identify and remove bottlenecks impacting remediation speed
Enforce Software Lifecycle & Obsolescence Management
- Define and drive software lifecycle standards (EOL/EOS management)
- Ensure continuous upgrade and modernization of software components
- Reduce risks related to obsolete and unsupported technologies
Strengthen Software Governance & Catalog Control
- Enforce compliance with the Digital-approved software catalog
- Implement mechanisms to detect and remove unauthorized software
- Reduce exposure linked to shadow IT and unmanaged software components
Ensure Security Compliance by Design
- Guarantee that systems are secure and compliant at delivery (golden images, baselines)
- Maintain compliance throughout the asset lifecycle
- Embed patching and lifecycle requirements into operational processes
Define Policies, Standards & Operating Model
- Formalize patch management and software lifecycle policies
- Define clear roles, responsibilities, and governance frameworks
- Ensure alignment between Security, IT, and Business stakeholders
Drive Transversal Execution
- Engage and align cross-functional teams:
- Infrastructure & Cloud
- Digital Workplace
- Application Owners
- CyberSecurity & Risk and Compliance
- Activate the right organizational and technical levers to meet objectives
Measure Performance & Drive Continuous Improvement
- Define and monitor key KPIs:
- Mean Time To Patch (MTTP)
- SLA compliance for vulnerability remediation
- Patch and lifecycle compliance rates
- Unauthorized software rate
- Track progress and ensure sustainable improvement (non-regression)
- Provide clear reporting and executive visibility
Requirements
- Proven experience in cybersecurity, vulnerability management, or infrastructure security
- Track record in driving cross-functional transformation or remediation programs
- Strong understanding of:
- Patch management processes and tools
- Software lifecycle and obsolescence risks
- Enterprise IT environments (endpoints, servers, applications)
Technical skills:
- Experience with Windows and Linux environments, and patch management tools (Intune, SCCM, Microsoft Azure Arc, Red Hat Satellite, etc.)
- Experience with cloud environments (Azure and AWS)
- Experience with vulnerability management, Endpoint Detection & Response (EDR), and SOAR tools
- Proficiency in Python and PowerShell scripting
- Advanced use of AI technologies for improving operations
Soft skills:
- Strong result orientation with focus on measurable risk reduction
- Ability to drive performance and accountability across teams
- Excellent stakeholder management and influencing skills
- Data-driven mindset with experience defining and tracking KPIs
- Structured, pragmatic, and execution-focused
Education: Bachelor's or Master's degree in Information Security, IT, or related field
Benefits & conditions
- Reduction in critical and high vulnerabilities exposure
- Decrease in obsolete and unauthorized software footprint
- Sustainable increase in global IT compliance levels
Why choose us?
- Play a key role in reducing cyber risk exposure at scale
- Drive a high-impact, outcome-oriented transformation
- Work at the intersection of security, IT, and digital transformation
- Contribute to building a more resilient and secure Sanofi environment
What we offer you:
A fixed salary over 12 months, supplemented by a short-term incentive, as well as a collective variable compensation based on Sanofi Group results.
Because taking care of our employees is also our mission: 31 days of paid leave + RTT depending on your status, remote work up to 2 days/week, quality health insurance, public transport coverage up to 80%, extended maternity/parental leave (18/14 weeks), Group Savings Plan & PERCOL with employer matching, PERO, numerous CSE benefits, internal and international mobility opportunities, learning & development opportunities, and many other benefits to discover here (https://jobs.sanofi.com/fr/rewards-and-benefits) .