Cyber Security Consultant - OSA
Responsibilities
- Ability to identify, propose, design and run the operational and security risk Controls.
- Sound understanding of various cybersecurity controls and their relevance to handle various threat scenarios.
- Proactively identify security gaps and propose recommendations to enhance the security controls through remediation procedures.
- Identify data model (attribute/fields) from security logs to perform audit and checks.
- Device efficient processes to enforce security controls and ensure their effectiveness.
- Effective communication with the stakeholders project team, security SPOCs and other cross functional teams.
- Ability to assess the maturity level of existing new controls and improve control effectiveness by implementing necessary action items.
- Evaluate the Security and Risk Assessment for the infrastructure and/or applications to propose relevant recommendations.
- Recognizes problems by identifying abnormalities, reporting discrepancies
- Good reporting / communication skills and ability to convey technical or complex security topics to management is simple and effective manner. Experience on designing reports using tools like Power BI or Tableau or Pandas/Xlwings/Plotydash is added advantage
Profile required
- Experience : 10 + yrs
- Cybersecurity:
- Risk analysis: Intermediate to Expert
- Security audit and framework (ISO 27001, NIST, PCI-DSS): Intermediate to Expert
- Pentest knowledge (OWASP, methodology, hacking): Intermediate to Expert
- Ethical hacking and control effectiveness testing: Intermediate to Expert
- Public Cloud infrastructure & security (AWS, Azure): Intermediate
- Security and Code Audit reviews:
- Understanding of infrastructure and application security controls in cloud and on-premise like Amazon Web Application Firewall, Amazon Guard Duty, Amazon Inspector, AWS IAM Access Analyzer, AWS cloud Trail, AWS Shield, Amazon Macie, AWS Config, AWS security Hub, Integration with 3rd party tools: Intermediate to Expert
- Scripting knowledge (python, Git, Pandas…): Intermediate
- System and OS administration & hardening
- Application Security: Intermediate to Expert
- Linux/windows administration: Intermediate
- Linux/windows security and hardening: Intermediate to Expert
- Vulnerability management standards: Standard
Why join us
“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”.
Business insight
At Société Générale, we are convinced that people are drivers of change, and that the world of
tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.
Whether you’re joining us for a period of months, years or your entire career, together we can have
a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.
If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a
daily basis and develop or strengthen your expertise, you will feel right at home with us!
Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during
their working hours, including sponsoring people struggling with their orientation or professional
integration, participating in the financial education of young apprentices and sharing their skills with
charities. There are many ways to get involved.