Cyber Security Lead Analyst - HCS OSM

• Ability to perform risk analysis on the network architecture and identify threat, vulnerability and risks

• Good understanding of cloud network and on-premises network security solutions like Firewalls, VPC, network segmentation, security groups, IPS/IDS, WAF, NAC, Web proxy, and load balancers etc.

• Conduct risk assessments and security evaluations of network services and on-prem and cloud infrastructure

• Identify and assess threats, vulnerabilities, risks and potential attack vectors and prioritize the mitigation

• Assess and manage IT risk treatment in all new projects or infrastructure within its scope (integration of security into projects, secure by design processes)

• Enforce Group policies / standards and/or procedures / good security practices within its department.

• Develop and implement risk mitigation strategies and security controls

• Drive security program such as Pen test and Vulnerability programs globally 

• Evaluate security configurations, policies, and procedures

• Perform security validations and exceptions for different need on day to day basis (AV , Browsing exceptions, RAF, admin rights, firewall flow, secure share etc.);

• Assess compliance with industry standards and regulatory requirements (e.g., NIST, SOC 2, PCI-DSS, OWASP) 

• Communicate risk and security recommendations to stakeholders 

• Contribute to security audits (internal audit / regulators) within its scope

• To act as a security expert and point of contact on all the operational security and risk management activities 

• CCNA/CCNP Certification 

• Network Security Certification in Cloud platforms Azure -( SC-100 & AZ-500) and AWS Security Certifications 

• 5+ years of experience in cloud and on-premises network risk assessment, operational security and risk management or related fields 

• Strong knowledge in Cloud and network Fundamentals, compliance frameworks, and risk management principles 

• Experience with cloud and on-premises infrastructure & application security assessments, risk assessments, and security controls implementation

• Excellent analytical, problem-solving, and communication skills 

• Familiarity with cloud security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST. NIST, CISSP)

We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating? 
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Group’s ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection.