Information Security Senior Analyst- Pent Testing
Responsibilities
For each responsible activities you will report to Head of SOC – GTS SEC. You will be responsible for:
- Developing and implementing offensive cyber security strategies to improvise cyber security defenses.
- Collaborating with stakeholders to ensure that vulnerabilities are identified and addressed in a timely manner.
- Conducting controls assessment and providing recommendations for improvements
- Conducting infrastructure penetration testing and vulnerability assessments, including network devices, servers, databases, cloud infrastructure and applications.
- Using tools such as BloodHound, PingCastle, and Neo4j to map and analyze network environments for potential attack paths.
- Identifying and exploiting security vulnerabilities in target environments to demonstrate the potential impact to the business.
- Providing remediation guidance and recommendations for identified vulnerabilities.
- Leading information security projects and managing project timelines and budgets.
- Developing and maintaining reports to communicate findings and recommendations to management.
- Contributing to the development of policies, procedures, and controls to enhance the overall security posture of the organization.
- Participating in incident response activities as needed.
- Staying current with new and emerging threats and vulnerabilities, as well as tools and techniques for penetration testing.
Profile required
- Bachelor's degree in Computer Science, Information Systems, or related field. Masters’ degree in relevant domain is a plus.
- 4 to 6 years of experience in information security, with a focus on infrastructure penetration testing and hands-on experience with tools such as BloodHound, PingCastle, and Neo4j.
- Strong understanding of risk management practices, controls assessment, and NIST guidelines.
- Offensive mindset and ability to improvise cyber security defenses.
- Experience in handling information security projects.
- Relevant certifications such as CISSP, CISM and OSCP are a plus.
COMPETENCIES
-
- Functional Expertise - Keeps up to date with emerging technology, business, and market trends
- Technical Skills - Demonstrates strong technical skills required for the role, pays attention to detail, takes initiative to broaden his/her knowledge and demonstrates appropriate financial/analytical skills
- Drive and Motivation - Successfully handles multiple tasks, takes initiative to improve his/her own performance, works intensely towards extremely challenging goals and persists in the face of obstacles or setbacks
- Client and Business Focus - Effectively handles difficult requests, builds trusting, long-term relationships with clients, helps the client to identify/define needs and manages client/business expectations
- Teamwork – Gives evidence of being a strong team player, collaborates with others within and across teams, encourages other team members to participate and contribute and acknowledges others' contributions. Ability to work effectively both independently and in a team environment.
- Communication Skills - Excellent written and verbal communication skills. Communicates what is relevant and important in a clear and concise manner and shares information/new ideas with others
- Judgement and Problem solving - Thinks ahead, anticipates questions, plans for contingencies, finds alternative solutions, and identifies clear objectives. Sees the big picture and effectively analyses complex issues. Strong analytical and problem-solving skills.
- Creativity/Innovation - Looks for new ways to improve current processes and develop creative solutions that are grounded and have practical value
- Influencing Outcomes - Presents sound, persuasive rationale for ideas or opinions. Takes a position on issues and influences others' opinions and presents persuasive recommendations
Why join us
We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Business insight
At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow
will be shaped by all their initiatives, from the smallest to the most ambitious.
Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.
If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!
Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices and sharing their skills with charities. There are many ways to get involved.
We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.