Experience : 10 yrs +
- Defines, publishes and maintains processes for Security Governances, Risk and Compliance (GRC) for public cloud (AWS and Azure)
- Define cyber controls for public cloud platform, whilst adhering to a centralized methodology
- Updating and documenting security controls as an accountable part of the public cloud expertise team (e.g.: code security audit)
- Recommending changes to policies or procedures based on new threats or vulnerabilities identified
- Build and enforce hardening checklist comprises of industry’s best practices for public cloud
- Provide design time review and guidance to teams building and deploying solution to public/private/hybrid cloud. (Security by Design)
- Conduct risk analysis and define/monitor associated mitigation/remediation plans
- Validate and communicate on the hardening of services and assess the maturity of application/service/infra against the defined security framework
- Carry out monitoring and propose functional improvements within the scope of intervention (security framework, risk analysis....),
- Collecting evidence and performing technical and functional acceptance tests in the context of “infrastructure and service hardening” projects,
- Conducting vulnerabilities scans with automated tools (SAST/DAST etc) to identify potential security issues
- Support/advise the operational security teams (Operation Security Manager),
- Security code review on all the developed infra components.
- Expected Deliverables
- Service/Application/Infra maturity reports (assessment report). Assessment against defined maturity model
- Risk analysis file
- Blueprint and/or technical notes,
Services/Infrastructures security compliance reports based on the controls defined and specified (ex: vulnerability management, code audit,…).
“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”.
At Société Générale, we are convinced that people are drivers of change, and that the world of
tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.
Whether you’re joining us for a period of months, years or your entire career, together we can have
a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.
If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a
daily basis and develop or strengthen your expertise, you will feel right at home with us!
You should know that our employees can dedicate several days per year to solidarity actions during
their working hours, including sponsoring people struggling with their orientation or professional
integration, participating in the financial education of young apprentices and sharing their skills with
charities. There are many ways to get involved.