CYBERSECURITY EXPERT
Join us
Contenu
CYBERSECURITY EXPERT
Protection of clients and the bank, information system securityDo you want to join our line of defence against cyber-crime? Are you interested in preventing, detecting and correcting infrastructure vulnerability? Join our team of IT security experts.
You will ensure the implementation of the Group’s security strategy, prevent risks and analyse incidents. You’ll be instrumental in the protection of clients, data and employees and you’ll innovate to combat any form of bank vulnerability.
Your responsabilities
- Determining security controls and action plans to reduce risks
- Drafting security policies and ensuring compliance
- Sounding an alert in the case of non-compliance with security policies
- Conducting risk analyses, ensuring compliance with legal and regulatory constraints
Iris - Cybersecurity Expert
Hello, I'm Iris and I'm a Cybersecurity Expert at Societe Generale since February 2020.
Today, my job at Societe Generale is to work with my team on 2 aspects.
First, data protection strategy, to avoid data theft from the Group,
and second, Detection Strategy and Incident Response, how to detect and fight a cyber attack.
To work on this strategy, our work is organized around several axes.
So first, to define the strategy by identifying the risk areas to be covered, and then, to define the measures and controls to cover these risks. Typically, today, in my team, we work on how to identify a network intrusion at Societe Generale.
What makes my work interesting is really the fact that we communicate with many different interlocutors, whether in France or abroad, but also different types of profiles. This means that we will necessarily work with cybersecurity experts, IT specialists, because that's where we use our tools, but also with businesses, because in the end, cybersecurity is everyone's business.
And our goal is to really put in place measures, tools, that are deployable, but which are also usable by users. And this is really one of the challenges we have today in cybersecurity, not to be a constraint or a brake for the trades, but to be truly a facilitator and to accompany them in their task of all days.
Today, working in a team that deals with cybersecurity, is to join a team that is highly motivated, because there is no a month or even a week without a cyber crisis in the media.
So this means that in the bank field, but also in general, people are really aware of this problem, whether it is the users or management. It allows us to have visibility in all projects, but also to have an impact when we want a new initiative, or to deploy a new tool for the users.
Today, the key skill to do my job is really the ability to adapt because cyber threat is evolving very quickly. It's linked to all the new IT uses, typically the Cloud which did not exist a few years ago and now we're starting to use the Cloud a lot. So obviously it brings new threats. It is also related to hackers who are more and more talented, and how they attack Societe Generale.
So all this makes us adapt and learn, and this is also what makes our job interesting, it is that we never get bored, because there are always new things to see and new things to do, new themes on which to train, learn and develop, improve.
What I discovered at Societe Generale and what I did not expect, was really all the initiatives we have to bring diversity in the profiles.
So everything about youth inclusion, and the opportunities we can give them in their careers, but also what is being done, especially for women, to have more women in cybersecurity. For example, I am fortunate to be on a committee that is involved in this theme, which aims to improve the representation of women in cybersecurity, but also by providing them with more training, more opportunities. And that's really nice.
Today, my job at Societe Generale is to work with my team on 2 aspects.
First, data protection strategy, to avoid data theft from the Group,
and second, Detection Strategy and Incident Response, how to detect and fight a cyber attack.
To work on this strategy, our work is organized around several axes.
So first, to define the strategy by identifying the risk areas to be covered, and then, to define the measures and controls to cover these risks. Typically, today, in my team, we work on how to identify a network intrusion at Societe Generale.
What makes my work interesting is really the fact that we communicate with many different interlocutors, whether in France or abroad, but also different types of profiles. This means that we will necessarily work with cybersecurity experts, IT specialists, because that's where we use our tools, but also with businesses, because in the end, cybersecurity is everyone's business.
And our goal is to really put in place measures, tools, that are deployable, but which are also usable by users. And this is really one of the challenges we have today in cybersecurity, not to be a constraint or a brake for the trades, but to be truly a facilitator and to accompany them in their task of all days.
Today, working in a team that deals with cybersecurity, is to join a team that is highly motivated, because there is no a month or even a week without a cyber crisis in the media.
So this means that in the bank field, but also in general, people are really aware of this problem, whether it is the users or management. It allows us to have visibility in all projects, but also to have an impact when we want a new initiative, or to deploy a new tool for the users.
Today, the key skill to do my job is really the ability to adapt because cyber threat is evolving very quickly. It's linked to all the new IT uses, typically the Cloud which did not exist a few years ago and now we're starting to use the Cloud a lot. So obviously it brings new threats. It is also related to hackers who are more and more talented, and how they attack Societe Generale.
So all this makes us adapt and learn, and this is also what makes our job interesting, it is that we never get bored, because there are always new things to see and new things to do, new themes on which to train, learn and develop, improve.
What I discovered at Societe Generale and what I did not expect, was really all the initiatives we have to bring diversity in the profiles.
So everything about youth inclusion, and the opportunities we can give them in their careers, but also what is being done, especially for women, to have more women in cybersecurity. For example, I am fortunate to be on a committee that is involved in this theme, which aims to improve the representation of women in cybersecurity, but also by providing them with more training, more opportunities. And that's really nice.
HIGHLIGHTS OF THE JOB
A vital position in reducing bank vulnerability
Highly technical and competitive challenges
An innovative environment using the latest technologies
A chance to act as consultant and to raise daily awareness of security incidents
You should be...
Knowledgeable of analysis & risk taking
Aware of infrastructure and security solutions
Good with people
Organised
Master’s degree in IT, engineering school or university
Frequently asked questions about Cybersecurity expert
1.
What is a cybersecurity expert?
A cybersecurity expert is a professional specialised in protecting the data, computer systems and networks used by a company against cyber threats. They prevent risks of hacking and cyberattacks.
They implement strategies and solutions to prevent these attacks, detect intrusions and respond to security incidents.
2.
What are the main tasks of a cybersecurity expert?
The primary mission of a cybersecurity expert is to ensure IT security and protect information by defining a security strategy tailored to the company's needs. To achieve this, they:
- monitor threats and continuously assess suspicious activities to prevent cyberattacks;
- define procedures;
- respond as quickly as possible to security incidents, conduct investigations and implement corrective measures.
3.
What skills are essential to become a cybersecurity expert?
A cybersecurity expert must first and foremost be an excellent technician.
They must have up-to-date technical knowledge of system development:
- they must master IT security technologies such as firewalls, intrusion detection systems (IDS/IPS) and security incident management solutions (SIEM);
- they must have a perfect understanding of cybersecurity standards and regulations (GDPR, ISO 27001, etc.).
A cybersecurity expert must be able to have an overall vision, ensuring the impermeability of networks. Lastly, they must communicate effectively with technical and business teams to raise awareness of security issues and implement preventive measures.
4.
What training is needed to become a cybersecurity expert?
It is necessary to obtain a Bac+5 level degree (five years of university or similar) such as an engineering degree or a master's degree in computer science specialising in cryptology or IT security.
It is also possible to obtain a professional certification in cybersecurity such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), etc.
Besides academic training, practical experience through projects, internships or missions in the field of cybersecurity will make a difference for recruiters.
5.
How does a cybersecurity expert's career evolve?
Over the years and with experience, a cybersecurity expert will acquire IT security skills and be trained in specific technologies. They can then manage increasingly complex projects and specialise in certain areas such as penetration testing (pentest) or digital forensics, methods of investigation after a cyberattack. With experience, they can become a security consultant or manage security within large organisations. The journey can also continue as a Product Owner or Tech Lead.
6.
What does a typical day look like for a cybersecurity expert?
A typical day for a cybersecurity expert is divided between analysis time and exchanges with teams.
Every day, they monitor security logs and alerts to detect any suspicious activity and analyse emerging threats. They implement security patches and ensure compliance with security policies.
They participate in team meetings to review ongoing incidents and implement security measures.
7.
What is the average salary of a cybersecurity expert?
With increasingly complex information systems, cybercrime and the explosion of data volume, cybersecurity experts are increasingly sought-after by companies. However, salaries vary significantly depending on experience, geographic location and the recruiting company.
In France, for example, a security expert's salary can range from €50,000 to €90,000 per year.
How to join us
To get to know each other and make sure you will be happy as part of Societe Generale, please follow the below steps.
01
Get in touch
By responding to our job advertisement.
02
Tell us a little bit more about yourself
We’ll contact you for an initial exchange
and online tests.
03
Is it a match?
You’ll meet our operational team and human
resources partners.
04
Welcome!
The job is yours, and you’re ready to start the adventure.
Our latest Cybersecurity Expert jobs
Loading...