Trainee - Cybersecurity Infrastructure Analyst

Description of the Business Line or Department

Societe Generale (SG) has formed a single IT Infrastructure function Global Technical Services (GTS) to be responsible for delivery of infrastructure services across the entire SG group

The Infrastructure Security team ensures that processes and measures implemented by GTS around IT security and operational risks are aligned with Group policies, IT security standards, and local regulations.

Summary of the key purposes of the role

Operational Security Management:

• Managing operational security and KPIs
• Managing security and vulnerability alerts
• Providing support and expertise during Security Audit & Penetration tests
• Security Incident management /coordination
• Ensuring technical designs are aligned with global standards, and are robust, reliable, and scalable.
• Providing in depth knowledge and expertise in hardening Windows, Linux/Unix systems
• Ensuring security standards are followed and raising alerts where necessary
• Assessing IT Risks on IT infrastructure and mitigating / compensating controls 

Operational Risk Management:

• Managing Operational Risk Operations and providing KPIs on IT Risk Management
• Risk Acceptance: Tracking the progress of remediation plans and audit recommendations
• Regular database maintenance and updates
• Risk Self-Assessment: Maintaining and updating actions for global risk scenarios

CyberSecurity Oversight:

• Providing recurrent Security indicators covering Group activities
• Performing continuous oversight and security incident review

Project Management / Delivery:

• Providing technical expertise on GTS Security perimeter, ensuring local constraints are well represented and understood by global teams
• Leading and driving projects from a technical perspective to ensure timely delivery
• Contributing to programme planning updates

Innovation, Market Watch and Security Awareness:

• Managing relationships with key partners in GTS
• Exploring and benchmarking technologies to help improve security
• Identification and implementation of new technologies
• Following strategy and product roadmaps for suppliers and IT partners
• Promoting security standards and awareness to business users

Summary of responsibilities

• Identify, assign and report infrastructure vulnerabilities and provide detailed analysis on a regular basis
• Define comprehensive remediation plans and coordinate efforts with the teams responsible
• Provide security advice, recommendations and guidance for projects
• Provide recommendations for security management improvement
• Help to implement new technologies and improvements
• Work on projects that require the implementation of new systems
• Responsibility for ensuring that you are fully aware of and adhere to internal policies that relate to you
• Responsibility for Risk management, control, and escalation within the scope of your position
• Responsibility for reading, understanding and complying with the Group Code of Conduct
• Act with integrity and due skill, care and diligence in carrying out your duties
• Observe proper standards of market conduct
• Responsibility for taking reasonable steps to understand and comply with applicable regulatory requirements

Competencies

Essential:

• Excellent knowledge of Active Directory Domain Services (AD DS)
• Good foundational knowledge of infrastructure process and management
• Good knowledge of IT Risk Framework and management
• Proficiency with infrastructure management tools
• Some prior project management experience (internship etc.)
• Experience of backup process technologies
• Good troubleshooting and problem-solving skills
• Good understanding of security networks and firewalls

Advantageous:

• ITIL Foundation Certification
• Ability to use scripting technologies Linux / Unix
• Understanding of Database technologies

People join for the impact they can have on us. They stay for the impact we have on them. A flatter structure offers visibility and exposure beyond that of our competitors, so you know our names, and we know yours. It's personable, human, and inspires success through passion. By encouraging open mindedness and a willingness to share ideas, we have adapted to market changes and thrived through innovation. Bringing words like “hard work” and “dedication” together with “community” and “respect” has enabled us to work collaboratively and build our future together. We call this Team Spirit and it's what makes us different. It's what makes you different.

If you feel you have the required experience and qualifications, then please apply to the SG Resourcing Team, and we will manage your application. At Société Générale, we believe our people are our strength and are core to the success of our business. As such, we search for, recruit and appoint the best available person on the basis of aptitude and ability, regardless of sex, marital or civil partnership status, race, colour, nationality, ethnic or national origins, pregnancy, disability, age, sexual orientation, religion, belief or gender identity.