Patch Velocity & Software Lifecycle Lead

Sanofi Groupe
Lyon, France
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Lyon, France

Tech stack

Microsoft Windows
Artificial Intelligence
Amazon Web Services (AWS)
Azure
Cloud Computing
Computer Security
IT Management
Python
Linux System Administration
System Center Configuration Manager
Powershell
Red Hat Enterprise Linux - RHEL
Software Engineering
Software Vulnerability Management
EndPointSecurity
Cloud Platform System
Microsoft InTune
Patch Management
Network Server

Job description

Drive Patch Velocity & Remediation Performance

  • Accelerate patch deployment across servers, middleware, endpoints, and application layers
  • Reduce Mean Time To Patch (MTTP) and vulnerability backlog
  • Ensure adherence to remediation SLAs, especially for critical and high-risk vulnerabilities
  • Identify and remove bottlenecks impacting remediation speed

Enforce Software Lifecycle & Obsolescence Management

  • Define and drive software lifecycle standards (EOL/EOS management)
  • Ensure continuous upgrade and modernization of software components
  • Reduce risks related to obsolete and unsupported technologies

Strengthen Software Governance & Catalog Control

  • Enforce compliance with the Digital-approved software catalog
  • Implement mechanisms to detect and remove unauthorized software
  • Reduce exposure linked to shadow IT and unmanaged software components

Ensure Security Compliance by Design

  • Guarantee that systems are secure and compliant at delivery (golden images, baselines)
  • Maintain compliance throughout the asset lifecycle
  • Embed patching and lifecycle requirements into operational processes

Define Policies, Standards & Operating Model

  • Formalize patch management and software lifecycle policies
  • Define clear roles, responsibilities, and governance frameworks
  • Ensure alignment between Security, IT, and Business stakeholders

Drive Transversal Execution

  • Engage and align cross-functional teams:
  • Infrastructure & Cloud
  • Digital Workplace
  • Application Owners
  • CyberSecurity & Risk and Compliance
  • Activate the right organizational and technical levers to meet objectives

Measure Performance & Drive Continuous Improvement

  • Define and monitor key KPIs:
  • Mean Time To Patch (MTTP)
  • SLA compliance for vulnerability remediation
  • Patch and lifecycle compliance rates
  • Unauthorized software rate
  • Track progress and ensure sustainable improvement (non-regression)
  • Provide clear reporting and executive visibility

Requirements

  • Proven experience in cybersecurity, vulnerability management, or infrastructure security
  • Track record in driving cross-functional transformation or remediation programs
  • Strong understanding of:
  • Patch management processes and tools
  • Software lifecycle and obsolescence risks
  • Enterprise IT environments (endpoints, servers, applications)

Technical skills:

  • Experience with Windows and Linux environments, and patch management tools (Intune, SCCM, Microsoft Azure Arc, Red Hat Satellite, etc.)
  • Experience with cloud environments (Azure and AWS)
  • Experience with vulnerability management, Endpoint Detection & Response (EDR), and SOAR tools
  • Proficiency in Python and PowerShell scripting
  • Advanced use of AI technologies for improving operations

Soft skills:

  • Strong result orientation with focus on measurable risk reduction
  • Ability to drive performance and accountability across teams
  • Excellent stakeholder management and influencing skills
  • Data-driven mindset with experience defining and tracking KPIs
  • Structured, pragmatic, and execution-focused

Education: Bachelor's or Master's degree in Information Security, IT, or related field

Benefits & conditions

  • Reduction in critical and high vulnerabilities exposure
  • Decrease in obsolete and unauthorized software footprint
  • Sustainable increase in global IT compliance levels

Why choose us?

  • Play a key role in reducing cyber risk exposure at scale
  • Drive a high-impact, outcome-oriented transformation
  • Work at the intersection of security, IT, and digital transformation
  • Contribute to building a more resilient and secure Sanofi environment

What we offer you:

A fixed salary over 12 months, supplemented by a short-term incentive, as well as a collective variable compensation based on Sanofi Group results.

Because taking care of our employees is also our mission: 31 days of paid leave + RTT depending on your status, remote work up to 2 days/week, quality health insurance, public transport coverage up to 80%, extended maternity/parental leave (18/14 weeks), Group Savings Plan & PERCOL with employer matching, PERO, numerous CSE benefits, internal and international mobility opportunities, learning & development opportunities, and many other benefits to discover here (https://jobs.sanofi.com/fr/rewards-and-benefits) .

About the company

At Sanofi, we are strengthening our cybersecurity posture by accelerating the remediation of vulnerabilities and enforcing robust software lifecycle governance. As Patch Velocity & Software Lifecycle Lead within our Vulnerability Operations Center Team, you'll play a critical role in reducing the organization's exposure to cyber risks by driving patching velocity and coverage, controlling software obsolescence, and ensuring compliance across our Digital landscape. This role combines operational acceleration, effective orchestration and transversal leadership to deliver measurable risk reduction at scale. One-line Mission :Accelerate vulnerability remediation and enforce software lifecycle governance to sustainably reduce Sanofi's exposure to cybersecurity risks. Ready to get started? About Sanofi: We're an R&D-driven, AI-powered biopharma company committed to improving people's lives and delivering compelling growth. Our deep understanding of the immune system - and innovative pipeline - enables us to invent medicines and vaccines that treat and protect millions of people around the world. Together, we chase the miracles of science to improve people's lives., Better is out there. Better medications, better outcomes, better science. But progress doesn't happen without people - people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. So, let's be those people. At Sanofi, we provide equal opportunities to all regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, ability or gender identity. Watch our ALL IN video (https://www.youtube.com/watch?v=SkpDBZ-CJKw&t=67s) and check out our Diversity Equity and Inclusion actions at sanofi.com (https://www.sanofi.com/en/our-responsibility/equality-and-inclusiveness) ! La fourchette salariale pour ce poste est:€64 000,00 - €85 333 Final compensation will be determined based on demonstrated experience, skills, location, and other relevant factors. Employees may be eligible to participate in Company employee benefit programs. We are an R&D driven, AI-powered biopharma company committed to improving people's lives and creating compelling growth. Our team is guided by one purpose: we chase the miracles of science to improve people's lives. We want to build a healthier, more resilient world, and turn the impossible into the possible by discovering, developing, and delivering medicines and vaccines for millions of people around the world. Discover more about us visiting www.sanofi.com or via our movie We are Sanofi (https://youtu.be/96EwNjb1TLo) Start a career that makes a difference. Reinvention is in our DNA. It's what drove our evolution from a small French enterprise to one of the world's leading biopharma companies. Whether it's using AI to shorten drug-discovery times or building trust in healthcare, you could be helping our teams make life better for patients, partners, and communities.

Apply for this position