Lead Cyber Security Analyst - Risk and Compliance (DWS)

The Service consists in contributing to:

1) Transversal topics related to the security of Digital Workplace environments:

- Recommendations to project management and architecture for the consideration of security constraints in accordance with the guidelines of the group.

- Risk analysis on the different subjects followed.

- Presentation of the risks to the business / sponsor for acceptance.

- The implementation of mitigation measures.

-   Drafting of PASFs for outsourced services.

-   Piloting the pen tests on the entrusted perimeters.

2) Contributions to the activities of the entity's Security Run

 - Resolution of incidents on managed perimeters

-  Monitoring of vulnerability on managed perimeters

The expected deliverables are:

 ● Security specification for new projects and new solutions

 ● Security and risk analysis aligned to Societe Generale Processes:

·       Risk analysis on target infrastructure

·       Mitigation proposal with expert and architects

·       Presentation to worldwide security community

·       Follow up of mitigation implementation and pentest

·       Risk review with management and ORM

 ● Security rules & SSAP documents for external services and contractors

 ● Security RUN deliverable

·       Incident/Vulnerability follow up on target perimeter.

·       Control definition and industrialization

·       Recurrent risk review: Sensitivity Assessments / Risk Assessments

·       Security validation: Flows, Rights, Exceptions and, Profiles

Relevant Experience: 8 – 12 Years

•    MS Exchange/IronPort
•    MS Windows administration and hardening
•    Teams Téléphonie/SBC EBC
•    Security Standards: ISO 27001/27005, NIST, CIS, EBIOS.

“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”.

At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Group’s ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection.