Cyber Security Consultant - CSRO
Responsibilities
Role Overview
We are looking for a Cyber Security Engineer with a strong focus on cloud security assessment, risk analysis, and governance for modern cloud platforms and cloud‑hosted AI‑enabled services.
This role is centered on evaluating cloud security posture, defining security guardrails, and providing risk visibility across AWS and Azure environments using enterprise security posture management and threat detection platforms.
The position also includes assessing security risks introduced by AI capabilities deployed in the cloud (such as generative AI services and AI‑enabled applications), ensuring they align with established cloud security, data protection, and governance standards.
Key Responsibilities
Cloud Security Risk Assessment & Governance (Primary Focus)
- Perform security and architectural risk assessments for public cloud platforms (AWS & Azure).
- Define, apply, and validate security guardrails covering:
  - Identity & access management
  - Network exposure
  - Data protection and encryption
  - Secrets and key management
  - Logging, monitoring, and detection
- Apply Zero Trust principles, least‑privilege access models, and policy‑based governance during cloud security assessments.
- Conduct ongoing cloud risk assessments using CSPM/CNAPP and security analytics tools.
- Review cloud architectures to assess trust boundaries, data flows, identity models, and control effectiveness.
- Translate technical findings into risk statements, control gaps, and remediation guidance for engineering and governance stakeholders.
- Maintain cloud security risk documentation, control mappings, and management‑level reporting.
AI‑Enabled Workloads – Security & Risk Awareness (Secondary Focus)
- Assess security risks associated with AI‑enabled applications hosted in the cloud, focusing on:
  - Data exposure and access control
  - Service misuse or unintended behavior
  - Integration risks with cloud identities, APIs, and storage
- Perform targeted risk assessments for AI capabilities such as:
  - Generative AI services (data leakage, prompt misuse, abuse scenarios)
  - Controls to enforce secure fine-tuning of models in adherence to the designed security framework
  - Agent‑based services (scope of tool access, execution privileges, segregation of duties)
- Ensure AI‑enabled services adhere to existing cloud security baselines, data governance policies, and risk management frameworks.
- Align AI‑related findings with frameworks such as the NIST AI Risk Management Framework, positioning them within broader cloud governance processes.
Policy, Compliance & Security Posture Management
- Build, tune, and maintain security policies in CNAPP/CSPM platforms to detect:
  - Misconfigurations
  - Excessive permissions
  - Network and data exposure risks
- Configure cloud threat detection platforms to identify anomalous activity and potential threats across workloads.
- Write and manage JSON‑based security policies and integrate them into cloud governance workflows.
- Perform recurring security posture and compliance assessments to:
  - Validate alignment with internal cloud security standards
  - Measure control effectiveness and residual risk
- Generate risk posture, compliance status, and executive‑level assessment reports.
DevSecOps & Cloud Architecture Assurance
- Review Infrastructure as Code (IaC) to identify cloud security and architectural risks prior to deployment.
- Embed security and compliance checks into CI/CD pipelines following DevSecOps principles.
- Validate that cloud‑hosted AI‑enabled services follow the same secure deployment, access control, and monitoring standards as traditional cloud workloads.
Skills You’ll Need
- Strong understanding of cloud security controls, risk assessment methodologies, and governance practices.
- Hands‑on experience assessing AWS and Azure environments from a security and risk perspective.
- Experience with cloud security posture management (CSPM), CNAPP, and threat detection platforms.
- Working knowledge of Infrastructure as Code (IaC) and the ability to review it for security impact.
- Familiarity with DevSecOps, CI/CD pipelines, and cloud security telemetry.
- Strong grounding in Zero Trust architecture, least privilege access, and compliance frameworks.
- Working awareness of AI security risks, particularly where AI intersects with cloud services (data governance, access control, misuse scenarios).
- Ability to communicate risk clearly to engineers, architects, and governance stakeholders.
Nice to Have
- Cloud or security certifications (e.g., Azure, AWS, security governance).
- Experience with container security or distributed cloud systems.
- Exposure to AI‑enabled cloud services (e.g., Azure OpenAI, Amazon Bedrock, Microsoft Foundry) from a governance or security posture perspective.
- Familiarity with NIST AI RMF, ISO/IEC 42001, or responsible AI governance frameworks.
Profile required
We are looking for a Cloud Security Engineer with strong development and automation skills. The ideal candidate should have:
- Hands-on experience with Azure and AWS services to perform risk assessments and implement security guardrails.
- Ability to develop and enforce security policies using CSPM/CNAPP.
- Strong Infrastructure as Code skills with Terraform and ARM templates for secure deployments.
- Proficiency in PowerShell scripting.
- Knowledge of Zero Trust principles, least privilege access, and integration of security controls into CI/CD pipelines.
Why join us
"We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status."
Business insight
At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!
Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved. We are committed to supporting the acceleration of our Group’s ESG strategy by implementing ESG principles in all our activities and policies. These principles are translated into our business activity (ESG assessment, reporting, project management or IT activities), our work environment and our responsible practices for environmental protection.