Cyber Security Consultant - CSRO

Permanent contract|Bangalore|IT (Information Technology)

Cyber Security Consultant - CSRO

Bangalore, India Permanent contract IT (Information Technology)

Responsibilities

The Cyber/Cloud Security and Risk Officer (CSRO) aims to contribute to the steering of strategy in terms of public cloud security, technical standards, processes, tools and risk management.

Profile required

Experience : 10 yrs +

  • Defines, publishes and maintains processes for Security Governances, Risk and Compliance (GRC) for public cloud (AWS and Azure)
  • Define cyber controls for public cloud platform, whilst adhering to a centralized methodology
  • Updating and documenting security controls as an accountable part of the public  cloud expertise team (e.g.: code security audit)
  • Recommending changes to policies or procedures based on new threats or vulnerabilities identified
  • Build and enforce hardening checklist comprises of industry’s best practices for public cloud
  • Provide design time review and guidance to teams building and deploying solution to public/private/hybrid cloud. (Security by Design)
  • Conduct risk analysis and define/monitor associated mitigation/remediation plans
  • Validate and communicate on the hardening of services and assess the maturity of application/service/infra against the defined security framework
  • Carry out monitoring and propose functional improvements within the scope of intervention (security framework, risk analysis....),
  • Collecting evidence and performing technical and functional acceptance tests in the context of “infrastructure and service hardening” projects,
  • Conducting vulnerabilities scans with automated tools (SAST/DAST etc) to identify potential security issues
  • Support/advise the operational security teams (Operation Security Manager),
  • Security code review on all the developed infra components.
  • Expected Deliverables
    • Service/Application/Infra maturity reports (assessment report). Assessment against defined maturity model
    • Risk analysis file
    • Blueprint and/or technical notes,

Services/Infrastructures security compliance reports based on the controls defined and specified (ex: vulnerability management, code audit,…).

Why join us

“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”.

Business insight

At Société Générale, we are convinced that people are drivers of change, and that the world of

tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.

Whether you’re joining us for a period of months, years or your entire career, together we can have

a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.

If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a

daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating?

You should know that our employees can dedicate several days per year to solidarity actions during

their working hours, including sponsoring people struggling with their orientation or professional

integration, participating in the financial education of young apprentices and sharing their skills with

charities. There are many ways to get involved.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Reference: 22000OBR
Entity: SG Global Solution Centre
Starting date: immediate
Publication date: 2022/09/19
Share