Security Analyst H/F/X

at  Socit Gnrale

PROFILE REQUIRED

• Graduate / Post Graduate;
• Fluency in French (B2) and English (B2) is a must;
• Previous experience as a risk analyst, technical project manager, software developer, technical analyst, or network specialist;
• Understanding and interest in the security domain – alerts, vulnerabilities, access controls;
• Demonstration of autonomy and proactiveness;
• Good interpersonal skills as well as the ability to communicate effectively orally and in writing;
• Attention to details;
• Challenging skills to be able to qualify properly anomalies;
• Basic experience in using JIRA;
• Basic knowledge on SIEM tools;
• Team spirit skills.

Societe Generale Global Solution Centre (SG GSC) acts as a business solutions center for Société Générale, one of the largest European financial groups. We provide high quality professional services in over 35 countries in various business areas - Finance & Accounting, HR, IT and Corporate Operations. Our mission is to be a partner of choice, valued for owning, transforming and innovating with best-in-class talent.
Within the Société Générale group, you will join the IT security team. The department offers a full range of products and services to meet the needs of individual, professional and corporate clients in Life Insurance Savings, Retirement Savings and Personal Protection.
The Security Team plays a key role in preventing data leakages, defending the entity from cyberattacks, conducting processes and best practices to put at safe place the sensitive data.
Specifically, you will be required to:

This position is open for candidates with little previous experience as cybersecurity analysts, as well as for people interested in a reconversion process, but with an important previous experience as a risk analyst, technical project manager, software developer, technical analyst, or network specialist to ensure a successful transition to the role.

• The responsibilities expected for this role are managed in the operation security team:
• Perform security risk analyses (following Group methodologies) on business projects, including suppliers and partners:
• Ensure the integration of security into business projects by performing a risk analysis (determine security requirements, residual risks, etc.);
• Raise awareness among partners/suppliers of the importance and need to comply with the security framework of SG; synthesize information in a clear and easily readable format for partners/suppliers and ensure that safety expectations are well understood;
• Understand the business context and needs of each supplier/partner; act diplomatically to build strong business relationships with these stakeholders;
• Perform security assessments of applications based on the Application Security Assessment (ASA) Group methodology based on input from business process owners;
• Require the implementation of safety measures such as penetration testing and integrate the results into risk analysis.
• Ensure and negotiate when required compliance of security contractual clauses signed by ASSU with third parties.
• Provide advice:
• on security topics.
• -in the processing of requests for derogation from the Group’s security policies, regarding website -access, application installation, usage of external storage solutions (USB). etc
• for other security requests (e.g. opening of flows);
• Contribute to the GDPR program, application and data security (Risk analysis, security document update, business restitution).
• Contribute to the verification and evaluation of suppliers (partners, contractors, etc.);
• Contribute to the monthly and quarterly reporting by updating the golden source documents ;
• Propose ideas for improving or optimizing internal procedures and methodologies to make them more effective or better suited to our challenges.