To be a part of Societe Generale European Business Services means to work in a dynamic and active environment where your work has a real impact in the company’s activity.
Our teams work in an Agile mode and are constantly encouraged to collaborate in transversal projects through which they can learn and adapt together in order to contribute to the growth of our center of excellence.
Define, implement and monitor SG EBS information security policies and framework according to Group and RESG standards taking into consideration the best standards of the Group.
Your Role in a Nutshell
Participates in the identification of the information security risks through the analysis of the information received from operational or functional persepective;
Play a vital role to help business lines identify, measure, control & mitigate risk exposures on a continuous basis;
Define methods and structures : for informationa security risk management;
Manages the structural exercises (collection of losses, scenario analysis, Risk and Control Self Assessment, KRIs), s / he issues proposals as regards to organization, governance and resources, s / he proposes improvements of procedures and evolutions of computing tools;
Control & reporting : Collects and retransmits the risks data to his / her superior / s and to operational staff, s / he suggests operational reporting tools in addition to Group tools;
Participate to the preparation of Dashboards on Risk exposures and updating Senior Management on the information security risks;
Define, implement and monitor the information security framework for SG EBS;
Assist SG EBS managers in defining and maintaining SG EBS information Security; as such, ensure that processes, procedures and controls are well formalized, up-
to-date, and properly executed;
Deliver an Information Security program in accordance with the global information security strategy and the Risk Culture program;
Coordinate the investigation, resolution and reporting on security incidents;
Develop and implement a local / global information security awareness program;
Follow up the implementation of the action plans.
A little about You
Masters or bachelors degree in Engineering or Computers;
3-5 years of experience in IT or BPO industry, out of which at least 3 years of experience in managing the IT risks;
Good understanding of the internal and external Information security standards;
Ideally should have working knowledge on some of the risk management and security tools like : Arch sight, SIEM tools, Penetration testing vulnerability assessments VA / PT tools, Nmap, Nessus, GFI Languard, Trend Micro, Qualys, Agiliance GRC, Symantec DLP;
Ideally would possess some of the certifications like : ISO 27001, BS25999, ISO 9001, CISSP, CISM, CCNP, CCDP, CCNA, CCDA, ITIL.
We also value
Good communication skills;
Strong analytical skills;
Result oriented, high flexibility and work autonomy.