Software Obsolescence and Vulnerability Analyst

Natixis CIB Americas IT is seeking a dynamic and experienced VP, Software Obsolescence and Vulnerability Analyst. This leadership role is critical in ensuring the effective management of software obsolescence and vulnerabilities, including business applications and SaaS solutions. The successful candidate will monitor end-of-life statuses, assess software vulnerabilities, define target software versions, and facilitate communication with IT teams. He/she/they will also track remediation plans, implement controls, and maintain the Software Referential. The role requires reporting and escalating alerts to senior management while collaborating closely with IT teams in the Americas and the Head Office Natixis and BPCE group.Key Responsibilities:Monitor and manage obsolete and deprecated software, software components, and vulnerabilities (Qualys CSAM, Qualys VPM, etc.).Conduct in-depth analysis of data provided by Splunk and Qualys.Define target software versions to ensure compliance and security.Communicate obsolescence and vulnerabilities to relevant IT teams (IT Development, IT Infrastructure, etc.).Coordinate and track remediation plans effectively.Escalate and manage alerts to senior management as necessary.Serve as a member of the AMER Vulnerability Patch Management Committee and the Obsolescence Committee.Maintain software referentials, performing reconciliations and controls to ensure data integrity and quality.Prepare Key Performance Indicators (KPIs) and reporting for the Obsolescence and Vulnerabilities committees.Ensure documentation is current and comprehensive.Collaborate with internal and external IT auditors to provide necessary audit evidence and documentation.Enforce and adhere to policies and procedures for VPM projects in the Americas, implementing best practices in system patching, installation, configuration, and monitoring.RequirementsBachelor’s degree in Cybersecurity, Information Technology, or a related field.A minimum of 3 years of experience in obsolescence and vulnerability management for software within the finance industry.Proficiency with Splunk, ServiceNow, Jira, Qualys data, or equivalent tools.Strong knowledge of software development and related areas.Exceptional analytical skills with a keen attention to detail, along with the ability to propose enhancements for process improvement.Proven capability to prioritize and manage multiple tasks in a fast-paced environment.Effective oral and written communication and documentation skills.Familiarity with Agile practices and methodologies.If you are a proactive leader with a passion for technology and a commitment to enhancing software security and efficiency, we invite you to apply for this pivotal position at Natixis CIB Americas IT. Join us in driving innovation and excellence within our IT landscape.Natixis is an equal opportunity employer, committed to a workplace free of discrimination. Natixis will not tolerate any form of discrimination based on age, color, mental or physical handicap or disability, pregnancy, marital status, sexual orientation, national origin, alienage, ancestry or citizenship status, race, religion, sex (including sex stereotyping, gender identity, gender expression or transgender status), veteran status, creed, genetic information or carrier status, or any other protected characteristic as established by law. Respect for all means that we deal with each person as an individual and not as a member of any group. All qualified applicants will receive consideration for employment. Management is expected to provide leadership in supporting the firms EEO program by taking steps to promote EEO in all facets of employment including recruitment, hiring, retention, promotion, performance assessment, and career-development opportunities. The salary range for this position will be between $140,000 -$180,000. Natixis is required by law to include a reasonable estimate of the compensation range for this role. Actual base salary will vary and will be based on several factors including, but not limited to, relevant experience, education, skills set, applicable licensure and certifications, and other business and organizational needs. Base salary is only one component of our total rewards package. Natixis also offers a generous benefits package, and you may be eligible for a discretionary incentive award depending on company and individual performance.