Cyber Security Analyst

• Performing security aspects of a portfolio of banking service platforms and applications by implementing/contributing compliance projects to the functional and technical team.
• Assisting functional and technical teams throughout the major evolutions on platforms and applications. This focus will be a big part of the scope of work and requires understanding of the architecture, functionalities, and security policies.
• Follow compliance level of Applications adhering to global audit and regulatory programs (ECB Audit, NIST, GDPR Compliance, NYDFS & SECAIA).
• Improve and maintain the level of security of applications and platforms, in compliance with regulatory requirement and SG group security criteria.
• Collaborate with application team and technical teams, to deploy, troubleshoot and maintain required security solutions with compliancy to security criteria. 
• Responsible for report preparation on BAU, key programs and maintain a good level of communication with different stakeholders of the projects.
• Plan, organize and insure follow up actions and action plans, therefore being autonomous is a must for this role. 
• Independently perform Application Security Assessment (ASA), Security control assessment and provide security recommendations.
• Perform risk review and work on derogation// ad-hoc request validations. Also maintain risk acceptance documents as per the group guidelines.
• Drive Secure by design throughout SDLC of the applications.
• Demonstrate and train teams on Secure by design and latest security technologies.

Profile Required

• 3 to 6 years of experience in the field of IT security with good Knowledge in information security.
• Able to understand architecture issues in order to develop security policies or relevant recommendations on applications and projects. Also, should be able to discuss on an equal footing with the community of architects and project managers of the applications concerned.
• Good knowledge on SDLC and hands-on experience in Security Environments and activities.

                        Knowledge on Application Security/ Vulnerability Management/ Cloud Security/ Thread modeling.

• Awareness of digital technologies and understanding of functional domain and business processes. 
• Good in identifying & proposing process improvements, documentation preparation and consolidation on process/technical subject related to Security.
• Knowledge on Cloud an network Security,IAM, Data encryption, SIEM.
• Understanding on regulatory programs like GDPR, NYDFS, SCHREMS, DORA etc...
• Knowledge on Cloud, Infra, Firewalls, Routers and Wifi
• Exposure to JAVA, API, ASP.Net, Spark, Python, react.js languages and technologies respectively.
• Exposer on security Tools Qualys, Nessus, Nmap, Burp suite, SonarQube, netspaker, OWSAP, Open-Source tool for Security Tests.
• Proper Work Ethics, Adaptability, Interpersonal skills and Problem-Solving Capabilities.

Mandatory Skills

Application Security/ Vulnerability assessment and penetration testing/ Risk Management/ Cloud Security/ API Security/        Vulnerability management/DevSecOps
Customer/ Business interactions
Good communication skills with negotiation and influencing skills. Especially the ability to persuade and influence others.

At Socit Gnrale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.
Whether youre joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.
If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!
Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices and sharing their skills with charities. There are many ways to get involved. 

We are committed to support accelerating our Groups ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection

At Socit Gnrale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.

Whether youre joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.

If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating?

You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Groups ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection

Diversity and Inclusion