Trainee Cybersecurity Infrastructure Analyst - Others - London, United Kingdom

Job Description

Description of the Business Line or DepartmentSociete Generale (SG) has formed a single IT Infrastructure function Global Technical Services (GTS) to be responsible for delivery of infrastructure services across the entire SG group The Infrastructure Security team (GTS/SEC) ensures that processes / measures implemented by GTS in the area of IT security and operational risks are aligned with Group / GBIS ISS policies, GTS IT security standards and local regulations. Whilst located in London, the business line this position will be aligned to is GBIS.Summary of the key purposes of the role o As a Security Analyst in charge of Infrastructure Cyber Risk & Security for UK & CI perimeters: your role will consist to o Operational Security Management Manage Operational Security and provide KPI on Security on your perimeter Manage Security alerts and vulnerability management Provide support and Expertise during Security Audit & Penetration tests Manage Security Incident management /coordination with local GTS Team and GBSU in UK Ensure technical designs are aligned with global standards, where possible and sensible, and ensure designs are robust, reliable, and scalable. Provide in depth knowledge and expertise in hardening Windows, Linux/Unix systems ensure security standards are followed and raise alerts where necessary Assess IT Risks on IT infrastructure and Mitigating/Compensating controls o Operational Risk Management Manage Operational Risk Operations and provide KPI on IT Risk Management Risk Acceptance: Track the process of the remediation plans of active audit recommendation MyAction: Maintain and update regularly the action defined with rehars Risk Self-Assessment: Maintain and update regularly the actions for each global risk scenarios o CyberSecurity Oversight (in coordination with GTS/SEC/SOC) Provide recurrent Security indicators (KRI/KPI) of the coverage of the SOC activities perform continuous IT SOC Oversight and recurrent Security incident review o Project Management / Delivery Provide technical expertise on GTS/SEC perimeter, ensuring local constraints are well represented and understood by the global teams Lead and drive projects from a technical perspective to ensure timely delivery as per agreed upon timeframes with PM and business. contribute to update the Program Increment (PI) Planning for the Team taking into account dependencies with other teams. o Innovation, Market Watch and Security Awareness: Manage relationship with main key Partners in GTS/SEC explore and benchmark technologies which can improve security Identify/implement new technologies that provide value in term of Security and organize Proof of concepts with support of skill teams. Follow Strategy and Product Roadmaps for Suppliers and IT Partners Promote Security standards and perform awareness to business partners and convince users to follow Security rules. Summary of responsibilitieso Identify, assign and report infrastructure vulnerabilities and provide detailed analysis on a regular basis o Define comprehensive remediation plan and coordinate efforts with the different skill teams responsible o Providing Security advisories, recommendations and guidance to projects as required o Providing recommendations for security management improvement o Working with the Architecture team to implement new technologies or improvements o Work on projects that require the implementation of systems that run on this platform. o Responsibility for ensuring that you are fully aware of and adhere to internal Policies that relate to you, your business or other businesses for which you have any level of responsibility. It is your responsibility to ensure compliance with operational riskrequirements (e.g. Golden rules, security policies and regulatory requirements). o Responsibility for managing, controlling, preparing and escalating risk within the scope of your position. o Responsibility for reading, understanding and complying with the Companys Conduct and Standards and corresponding regulations. You will be notified of changes to policies in a timely manner through announcements and/or intranet updates. o Act with integrity and due skill, care and diligence in carrying out your duties. Your actions should always be able to satisfy high standards of scrutiny. o Observe proper standards of market conduct. Responsibility to ensure that you take reasonable steps to be fully aware of, understand and comply with all regulatory requirements from all regulatory bodies that are applicable to your business. Profile requiredCompetenciesEssential: • Very Good Knowledge of Active Directory, supporting from a Multi-Domain environments. • Good foundation on Infrastructure process and management • Good knowledge on IT Risk Framework and management • Good experience with Infrastructure Management tools • Experience in the Project Management • Experience of backup processes technologies • Good Troubleshooting and hardening skills • Good understanding of networks/firewalls Desirable: • ITIL Foundation Certification • and Understanding of Change management processes • Ability to use scripting technologies windows/unix • Understanding of Database technologies • High ethical standards • Take ownership of projects and tasks • Good time management • Strong interpersonal skills • Effective communicator • Ability to work in an international team environment • Ability to work under own initiative Why join usPeople join for the impact they can have on us. They stay for the impact we have on them. A flatter structure offers visibility and exposure beyond that of our competitors, so you know our names, and we know yours. Its personable, human, and inspires successthrough passion. By encouraging open mindedness and a willingness to share ideas, we have adapted to market changes and thrived through innovation. Bringing words like "hard work" and "dedication" together with "community" and "respect" has enabled us to workcollaboratively and build our future together. We call this Team Spirit and its what makes us different. Its what makes you