Function Head - Cyber Defense

ISR is the entity in charge of the Cybersecurity for Société Générale.

The ISR/CDC department is in charge of operational detection, incident response and prevention activities within the scope of GTS across the businesses. The mission of the CDC is to identify, protect, detect, respond and using the security platforms for the detection/reaction and prevention and resolution of security incidents. The SG SOC consists of Cyber Defense (incident management) Cyber Tools (management of SOC tools including the SIEM), Cyber Control (Prevention and Compliance) and Governance.

This role is for Function head – Cyber Defense. In this role, you will involve in supporting India and global regional needs on CyberDefence and Vulnerability Management functions. The objectives of the Security Department (ISR) is to manage the strategy for all ISR teams in terms of security, technical standards, processes and tools, and thus to cover many cross-functional functions within the company and subsidiaries across all regions.

Accountabilities

o    Cyber defense - security protection, response, detection for security incidents and recovery of services

o    Vulnerability Management - Drive the Vulnerability Management function working with the internal team and the stakeholders across the group.

o    Providing Technical leadership and direction to teams of its department in day-to-day operations, projects, in supporting local business and global services in terms of delivery, productivity, quality and efficiency.

o    Identify and help implement continuous process enhancements/improvements in the team

o    Working along with the team to Identify different security tools and technologies to make security operations more effective.

o    Experienced Leadership Skills on both Onshore and Offshore Context

o    supporting global locations like Paris, EMEA, APAC, GSC, AMER

o    Will be closely working with CERT, other security teams and CISO’s on security aspects

o    As an executive member of the department and work for common objectives for various aspects like automation, innovation, efficiency, structure etc.

o    Manage Financials by collaborating with local and Global teams – including budget management and cost optimization

o    Focus on continuous improvement in the Vulnerability Management to reach the Organizations objective

o   As part of the overall ISR leadership, you will be required to be part of the key strategic decision making, solutions and roadmap definitions etc. You will be required to bring in the industry knowledge and help design and build these plans and execute as well. 

o    Collaborate with all other IT depts and support functions as needed to deliver on the key needs of IT/Cyber Security and compliance and other organization goals.

o   Be the champion for CSR, Inclusion & Diversity for your teams

• Minimum 15 years on IT delivery experience. At least, 6-8 years in managing and leading teams.        
• Hands on experience/exposure of various global Enterprise IT delivery.
• Technical knowledge and experience managing teams across various domains involved in Workplace, Data center, Networking, Middleware, security, compliance is required.
• Good understanding and experience and delivery based on ITIL framework. Business Continuity Management and resiliency frameworks and implementation, Transitions, etc.
• Proven experience and knowledge of various IT Security and Compliance aspects. Security certifications such as (but not limited to) CEH, CSSIP, CISA, etc. are preferred.
• Good understanding of the Cyberdefence technologies, different tools used for investigation – SIEM etc
• A very good experience in Vulnerability Management process, tools like Qualys
• Experience of security assessment and penetration testing tools.
• Knowledge of attack procedures and malicious code (exploits, attack vectors, phishing, ...)
• Experience in managing and responding to internal & external SOC audits.
• Should have Certification on Delivery models ITIL/COBIT, etc. and process assessment and improvement and quality, risk, compliance frameworks. Six Sigma, PMP, etc. are also desired.
• Understanding of industry standard delivery/compliance/risk/cyber risk models/framework – ISO 27K, 20K, ITIL, NIST OWASP, MITRE etc. Certifications are a plus.

“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”.

At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating? 
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Group’s ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection.