Societe Generale Global Solution Centre (SG GSC) acts as a business solutions center for Société Générale, one of the largest European financial groups. We provide high quality professional services in over 35 countries in various business areas - Finance & Accounting, HR, IT and Corporate Operations. Our mission is to be a partner of choice, valued for owning, transforming and innovating with best-in-class talent.

Project Description:

RESPONSIBILITIES

Your future team :

Societe Generale Group’s Insurance business is at the heart of the group's development, in synergy with all the Retail Banking, Private Banking and specialized financial services businesses, in France and abroad. Its main challenge is to design and deliver fast, easy-to-use IT solutions that are innovative, scalable and secure, inspired and designed with customers, while ensuring quality every day.

To be part of Société Generale Global Solution Centre and Insurance business line, means to work in a dynamic and active environment where your work has a real impact in the company’s activity.

Specifically, you will be required to :

• Provide advice, assistance, information, awareness-raising (particularly on best practices), alert and recommendation;
• Implement the Société Générale Group Information Systems Security policy and strategy that will have been adapted to SGA Romania and ensure its application within SGA Romania;
• Support the definition, implementation and control of Information Systems Security aspects in projects;
• Propose solutions to reduce risks to an acceptable level, and ensure that residual risks are accepted by the business lines;
• Collect Information Systems Security risk indicators on multiple aspects (legal and regulatory compliance, incidents, audit recommendations, operational security, etc.);
• Prevent security incidents and mitigate their consequences, by coordinating the Incident Management process according to Société Générale Group standards as well as European Digital Operational Resilience Act (DORA) and ITIL best practice;
• Manage local Information Systems Security exemptions;
• Be open to the outside world to stay connected with risks and threats that evolve every day.
• Ensure the general cyber security governance for SGA Romania, in particular organizing the Security Committees and informing top management and ASSU Security about Security progress;
• Ensure that the cyber security level of SGA Romania is up to the standards of Société Générale and ASSU;
• Participate in local or coordinated Security projects in the Group;
• Monitor operational systems and alert in case of security incident;
• Perform the ongoing surveillance process for the information systems as well as monitor the fulfillment of the action plans;
• Manage security reports and indicators specific to Management, authorities, audits;
• Co-ordinate the promotion of IT Security principles and rules within the company.

PROFILE REQUIRED:

• +5 years in cyber security positions and 10-15 years of experience overall in IT;
• Advanced knowledge of risk analysis methodologies and security key topics (classification, AICT assessment, intrinsic/residual risks, risk scenarios);
• Knowledge and experience in risk analysis methodologies (e.g.: 27005, EBIOS,…);
• Knowledge of standards (ISO 2700x, ITIL, NIST, etc.) and security governance principles;
• Knowledge of security best practices in the field of IT systems management (authorizations, data anonymization, incident management, authentication, backup, archiving, security patch management, antiviral updates, network partitioning, NAC, wifi, etc);
• Knowledge of security tool administration principles: firewalls, proxies, SIEM, DLP, IDS, IPS, vulnerability scanners like Qualys, IAM systems;
• Team spirit, curious, proactive;
• Autonomous, rigorous;
• Risk-oriented;
• Able to disseminate IT security user awareness, user awareness oriented;
• Ability to see the global picture, good communication skills, Oral and written communication; English B2 (oral and written proficiency).

NICE TO HAVE:

• Knowledge in the following methods: Agile, DevOps, CI/CD, Github/Gitlab;
• Knowledge/experience in security architecture areas;
• Security monitoring / understanding and knowledge of the main security threats (virals, cybercrime, APT) and their distribution methods;
• Possibly, experience of IT security audit missions;
• Security certifications (CISSP, ISO 2700x, NIST etc.).

WHY JOIN US

SG GSC is a Great Place to Work® certified company. Here, you will find a flexible workplace and culture, autonomy, constant learning opportunities, dynamism, and talented people, making this experience a real career accelerator. You will also discover all the diversity of our businesses, in a sector that is constantly evolving and innovating.

Plus, you will enjoy all our benefits :

• competitive compensation & remuneration, including annual performance bonus;
• preventive healthcare plan, and group health & life insurance;
• wide range of flexible benefits within a monthly budget;
• office perks, wellbeing and mental health programs;
• various social benefits and bonuses for personal or family events;
• 9-to-5 workday & flexible work environment: hybrid;
• additional paid and unpaid time off, including Sabbatical leave;
• learning and growth opportunities based on individual development and career plans;
• unlimited access to various eLearning resources.

BUSINESS INSIGHT

We are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years, or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA.

If you too want to be directly involved, grow in a stimulating and caring environment, feel useful daily and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating?

You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are an equal opportunities employer, and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, sexual or gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.