Infrastructure Security Analyst

Permanent contract|London|Compliance

Infrastructure Security Analyst

London, United Kingdom Permanent contract Compliance

Responsibilities

Description of the Business Line or Department

Societe Generale (SG) has formed a single IT Infrastructure function Global Technical Services (GTS) to be responsible for delivery of infrastructure services across the entire SG group

The Infrastructure Security team (GTS/SEC) ensures that processes / measures implemented by GTS in the area of IT security and operational risks are aligned with Group / GBIS ISS policies, GTS IT security standards and local regulations.

Whilst located in London, the business line this position will be aligned to is GBIS.

Summary of the key purposes of the role

  • consist to
    • Operational security
      • Manage Operational Security and provide KPI on Security on your perimeter
      • Manage Security alerts and vulnerability management
      • Provide support and Expertise during Security Audit & Penetration tests
      • Manage Security Incident management /coordination with local GTS Team and GBSU in UK
      • Ensure technical designs are aligned with global standards, where possible and sensible, and ensure designs are robust, reliable, and scalable.
      • Provide in depth knowledge and expertise in hardening Windows, Linux/Unix systems
      • ensure security standards are followed and raise alerts where necessary
      • Assess IT Risks on IT infrastructure and Mitigating/Compensating controls
    • CyberSecurity Oversight (in coordination with GTS/SEC/SOC)
      • Provide recurrent Security indicators (KRI/KPI) of the coverage of the SOC activities
      • perform continuous IT SOC Oversight and recurrent Security incident review
  • Project Management / Delivery
      • Provide technical expertise on GTS/SEC perimeter, ensuring local constraints are well represented and understood by the global teams
      • Lead and drive projects from a technical perspective to ensure timely delivery as per agreed upon timeframes with PM and business.
      • contribute to update the Program Increment (PI) Planning for the Team taking into account dependencies with other teams.
  • Innovation, Market Watch and Security Awareness:
      • Manage relationship with main key Partners in GTS/SEC
      • explore and benchmark technologies which can improve security
      • Identify/implement new technologies that provide value in term of Security and organize Proof of concepts with support of skill teams.
      • Follow Strategy and Product Roadmaps for Suppliers and IT Partners
      • Promote Security standards and perform awareness to business partners and convince users to follow Security rules.

Summary of responsibilities

  • Identify, assign and report infrastructure vulnerabilities and provide detailed analysis on a regular basis
  • Define comprehensive remediation plan and coordinate efforts with the different skill teams responsible
  • Providing Security advisories, recommendations and guidance to projects as required
  • Providing recommendations for security management improvement
  • Working with the Architecture team to implement new technologies or improvements
  • Work on projects that require the implementation of systems that run on this platform.
  • Responsibility for ensuring that you are fully aware of and adhere to internal Policies that relate to you, your business or other businesses for which you have any level of responsibility.  It is your responsibility to ensure compliance with operational risk requirements (e.g. Golden rules, security policies and regulatory requirements). 
  • Responsibility for managing, controlling, preparing and escalating risk within the scope of your position.
  • Responsibility for reading, understanding and complying with the Company’s Conduct and Standards and corresponding regulations. You will be notified of changes to policies in a timely manner through announcements and/or intranet updates.
  • Act with integrity and due skill, care and diligence in carrying out your duties. Your actions should always be able to satisfy high standards of scrutiny.
  • Observe proper standards of market conduct. Responsibility to ensure that you take reasonable steps to be fully aware of, understand and comply with all regulatory requirements from all regulatory bodies that are applicable to your business.

Profile required

Competencies

Essential:

  • Very Good Knowledge of Active Directory, supporting from a Multi-Domain environments.
  • Very Good Knowledge of Group Policy and troubleshooting GPO issues
  • Very Good experience of IPAM (DNS/DHCP/IP)
  • Very Good experience of Storage (NAS/SAN)
  • Good experience of installing and supporting Red Hat Linux in an Enterprise environment
  • Good experience with Infrastructure Management tools
  • Good experience with implementing and managing monitoring solutions
  • Experience of backup processes technologies
  • Good Troubleshooting and hardening skills
  • Good understanding of networks/firewalls

Desirable:

  • Windows or Red Hat Certification
  • Any Linux to AD integration experience (SSO)
  • Understanding of Change management processes
  • Ability to use scripting technologies windows/unix
  • Understanding of Database technologies
  • High ethical standards
  • Take ownership of projects and tasks
  • Good time management
  • Strong interpersonal skills
  • Effective communicator
  • Ability to work in an international team environment
  • Ability to work under own initiative

Why join us

People join for the impact they can have on us. They stay for the impact we have on them. A flatter structure offers visibility and exposure beyond that of our competitors, so you know our names, and we know yours. It's personable, human, and inspires success through passion. By encouraging open mindedness and a willingness to share ideas, we have adapted to market changes and thrived through innovation. Bringing words like “hard work” and “dedication” together with “community” and “respect” has enabled us to work collaboratively and build our future together. We call this Team Spirit and it's what makes us different. It's what makes you different.

Business insight

If you feel you have the required experience and qualifications, then please apply to the SG Resourcing Team, and we will manage your application. At Société Générale, we believe our people are our strength and are core to the success of our business. As such, we search for, recruit and appoint the best available person on the basis of aptitude and ability, regardless of sex, marital or civil partnership status, race, colour, nationality, ethnic or national origins, pregnancy, disability, age, sexual orientation, religion, belief or gender identity.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Reference: 21000UBL
Entity: SG CIB
Starting date: 2021/12/06
Publication date: 2021/11/23
Share