- SKILLS AND KNOWLEDGE
(State the minimum acceptable proficiency for this job which best indicates the education and/or experience requirements of this job and not the incumbent).
- Advanced knowledge of cybersecurity concepts: must have an in-depth understanding of cybersecurity concepts, such as threat intelligence, incident response, vulnerability assessment, and risk management.
- Advanced knowledge of networking: must be proficient in using security technologies and tools, such as SIEM, IDS/IPS, EDR, and vulnerability scanners, should have a strong understanding of TCP/IP, DNS, HTTP, SMTP, and other networking protocols, and be able to analyze network traffic to identify security threats.
- Expertise in security technologies: Should have experience working with security technologies such as firewalls, intrusion detection/prevention systems, SIEMs (Security Information and Event Management), and endpoint detection and response (EDR) tools. Knowledge of SIEM products (e.g. Splunk and RSA NetWitness)
- Proficiency in threat hunting: Should have advanced skills in threat hunting and be able to identify, investigate, and resolve advanced persistent threats (APTs). Must be skilled in threat hunting techniques and be able to proactively search for new and emerging threats that may not be detected by traditional security tools.
- Familiarity with cloud security: Should have knowledge of cloud security technologies, including cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud security posture management (CSPM) tools.
- Strong analytical and problem-solving skills: Must be able to analyze large volumes of data and identify patterns and anomalies that may indicate a security threat. They should also be able to develop and implement solutions to mitigate risks and prevent future incidents.
- Advanced incident response skills: Should have advanced skills in incident response, including triage, investigation, containment, eradication, and recovery. They should be able to perform memory analysis, malware analysis, and forensic investigations.
- Knowledge of compliance regulations: Should be familiar with compliance regulations such as PCI DSS, HIPAA, and GDPR, and be able to ensure their organization is meeting these requirements.
- Scripting and automation skills: Should have experience with scripting languages such as Python and PowerShell, and be able to automate repetitive tasks to increase efficiency.
- Collaboration and communication: Should be able to work collaboratively with other security team members, as well as other departments within the organization. Must have strong communication skills to interact effectively with stakeholders, including senior management, technical staff, and external partners. They should be able to articulate concepts in a clear and concise manner to both technical and non-technical audiences.
- Knowledge on security framework (MITRE ATT&CK, NIST)
- Experience in managing and responding to internal & external SOC audits
- Knowledge of the global architecture of a network, and the security of its components (routers, switches, ...)
- Knowledge of attack procedures and malicious code (exploits, attack vectors, phishing, ...)
- Bachelor's degree in Computer Science, Information Systems, or related field. Masters’ degree in relevant domain is a plus.
- 12+ years of experience working with security teams in lead roles in SOC etc.
- Relevant security certifications, such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), and/or GCIH (GIAC Certified Incident Handler), GSOC (GIAC Security Operations Certified), GSOM (GIAC Security operations manager certification)
- Functional Expertise - Keeps up to date with emerging technology, business, and market trends
- Technical Skills - Demonstrates strong technical skills required for the role, pays attention to detail, takes initiative to broaden his/her knowledge and demonstrates appropriate analytical skills
- Drive and Motivation - Successfully handles multiple tasks, takes initiative to improve his/her own performance, works intensely towards extremely challenging goals and persists in the face of obstacles or setbacks
- Client and Business Focus - Effectively handles difficult requests, builds trusting, long-term relationships with clients, helps the client to identify/define needs and manages client/business expectations
- Teamwork – Gives evidence of being a strong team player, collaborates with others within and across teams, encourages other team members to participate and contribute and acknowledges others' contributions. Ability to work effectively both independently and in a team environment.
- Communication Skills - Excellent written and verbal communication skills. Communicates what is relevant and important in a clear and concise manner and shares information/new ideas with others
- Judgement and Problem solving - Thinks ahead, anticipates questions, plans for contingencies, finds alternative solutions, and identifies clear objectives. Sees the big picture and effectively analyses complex issues. Strong analytical and problem-solving skills.
- Creativity/Innovation - Looks for new ways to improve current processes and develop creative solutions that are grounded and have practical value
Influencing Outcomes - Presents sound, persuasive rationale for ideas or opinions. Takes a position on issues and influences others' opinions and presents persuasive recommendations
Why join us
We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow
will be shaped by all their initiatives, from the smallest to the most ambitious.
Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.
If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices and sharing their skills with charities. There are many ways to get involved.