CYBERSECURITY EXPERTProtection of clients and the bank, information system security
Do you want to join our line of defence against cyber-crime? Are you interested in preventing, detecting and correcting infrastructure vulnerability? Join our team of IT security experts.
You will ensure the implementation of the Group’s security strategy, prevent risks and analyse incidents. You’ll be instrumental in the protection of clients, data and employees and you’ll innovate to combat any form of bank vulnerability.
- Determining security controls and action plans to reduce risks
- Drafting security policies and ensuring compliance
- Sounding an alert in the case of non-compliance with security policies
- Conducting risk analyses, ensuring compliance with legal and regulatory constraints
Today, my job at Societe Generale is to work with my team on 2 aspects.
First, data protection strategy, to avoid data theft from the Group,
and second, Detection Strategy and Incident Response, how to detect and fight a cyber attack.
To work on this strategy, our work is organized around several axes.
So first, to define the strategy by identifying the risk areas to be covered, and then, to define the measures and controls to cover these risks. Typically, today, in my team, we work on how to identify a network intrusion at Societe Generale.
What makes my work interesting is really the fact that we communicate with many different interlocutors, whether in France or abroad, but also different types of profiles. This means that we will necessarily work with cybersecurity experts, IT specialists, because that's where we use our tools, but also with businesses, because in the end, cybersecurity is everyone's business.
And our goal is to really put in place measures, tools, that are deployable, but which are also usable by users. And this is really one of the challenges we have today in cybersecurity, not to be a constraint or a brake for the trades, but to be truly a facilitator and to accompany them in their task of all days.
Today, working in a team that deals with cybersecurity, is to join a team that is highly motivated, because there is no a month or even a week without a cyber crisis in the media.
So this means that in the bank field, but also in general, people are really aware of this problem, whether it is the users or management. It allows us to have visibility in all projects, but also to have an impact when we want a new initiative, or to deploy a new tool for the users.
Today, the key skill to do my job is really the ability to adapt because cyber threat is evolving very quickly. It's linked to all the new IT uses, typically the Cloud which did not exist a few years ago and now we're starting to use the Cloud a lot. So obviously it brings new threats. It is also related to hackers who are more and more talented, and how they attack Societe Generale.
So all this makes us adapt and learn, and this is also what makes our job interesting, it is that we never get bored, because there are always new things to see and new things to do, new themes on which to train, learn and develop, improve.
What I discovered at Societe Generale and what I did not expect, was really all the initiatives we have to bring diversity in the profiles.
So everything about youth inclusion, and the opportunities we can give them in their careers, but also what is being done, especially for women, to have more women in cybersecurity. For example, I am fortunate to be on a committee that is involved in this theme, which aims to improve the representation of women in cybersecurity, but also by providing them with more training, more opportunities. And that's really nice.