Application Vulnerability & Obsolescence Analyst

Talan is an international consulting and technology expertise group supporting Corporate and Investment Banking (CIB) and Financial Services clients through large-scale transformation programs driven by data, technology, and innovation.

In North America, Talan works with some of the largest U.S., French, and Japanese banks, delivering high-value expertise across front-office, risk, finance, regulatory, and technology domains.

With over 20 years of experience, a presence across five continents and 21 countries, and Great Place to Work® certification, the Group is on track to reach 8,000 employees worldwide, including 600 in North America.

We are looking for an IT Risk & Vulnerability Analyst to support one of our strategic CIB clients in keeping their software secure and up to date. The ideal candidate has experience reviewing software versions, checking vulnerability data, and working closely with IT teams to fix issues.

In this role, you will help track which software needs to be updated, understand where risks come from, and make sure the right teams take action. You will also help keep our internal tools and reports accurate so we can make good decisions and stay compliant.

Role and responsibilities

• Track application and software versions across the organization and identify end-of-life, outdated, or vulnerable software.
• Analyze software vulnerability and obsolescence data using tools such as Qualys and Splunk, with a focus on applications and packages, not infrastructure.
• Maintain and improve the application / software inventory, ensuring version data is accurate and up to date.
• Work closely with application owners, developers, and IT teams to define target software versions and remediation plans.
• Coordinate and follow up on software upgrades, patches, and version alignments until completion.
• Track remediation actions in tools like ServiceNow or Jira and ensure timelines are respected.
• Prepare clear reports and KPIs related to software risk, obsolescence, and upgrade progress.
• Support audits by providing documentation related to software versions, lifecycle, and remediation actions.
• Contribute to improving processes, controls, and tooling related to software risk and application lifecycle management.

#LI-ASD

• Bachelor’s degree in IT, Cybersecurity, or a similar field.
• Minimum 3+ years of experience working on software obsolescence, patching, or vulnerability management, ideally in a financial or regulated environment.
• Comfortable using tools like Qualys, Splunk, ServiceNow, or Jira to review data and track actions.
• Good understanding of how software is built, maintained, and upgraded.
• Strong analytical skills with the ability to spot issues and suggest improvements.
• Able to manage several tasks at once and stay organized in a fast-moving environment.
• French is helpful but not required.

Company’s Benefits

At Talan, we invest in our employees' well-being and empower them with benefits, including:

• 💵 The salary range for this role is US$100,000 - US$145,000
• 💸401(k) retirement plan with company matching
• 🌴15 days of paid vacation per year at hire and up to 27 according to seniority (annual untaken vacation days are cashed out)
• 📴8 paid holidays + 5 sick days + 2 personal days per year
• ❤️‍🩹Company health, dental, and vision insurance plans + FSA
• 🦺Voluntary STD and LTD
• 🚍 Commuter/transit benefits

All your information will be kept confidential according to EEO guidelines.