Offers “Société Générale”

Expires soon Société Générale

Sr. Analyst - Cybersecurity

  • Internship
  • Bangalore (Bangalore Urban)
  • IT development

Job description



Responsibilities

Cyber Security Expert - Senior network and infrastructure pentester with good experience in application security. This role will be exclusively focused on delivery, technical team leadership and technical expertise.

An individual role with strong technical skills (IT infrastructure and application), along with a thorough Cyber security domain knowledge.

1. Perform security penetration testing and vulnerability assessment for internal, external perimeter, wireless networks and web applications, IT infrastructure, end-points, cloud (AWS and Azure) etc.
2. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra VPN, virtualization etc.
3. Source code reviews, red team exercises, security architecture configuration reviews, and technical security compliance reviews
4. Thorough experience in configurations reviews against CIS benchmarks and security standards for end points, network devices firewall, IPS etc.
5. Partner with Technology and Application teams to create, implementation and/or remediation plans for identified vulnerabilities
6 Penetration testing skills including the use of security assessment and hacker tools; e.g. Kali, BURP, AppScan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, qualys etc.
7. IT security knowledge and Good to have Experience with vulnerability scanning tools (Nessus, Qualys, InsightVM, AppScan,etc).
8. TCP/IP networking, Windows and Unix/Linux operating systems, network and data center architecture knowledge
9. Web-based applications and services (SOAP/REST)
10. Development skills, preferably including one or more of C/C++/C#, Python, Ruby, Perl, PHP, ASP, JSP, Java, JavaScript/ AJAX, XML/JSON
11. Familiarity with databases; e.g. MS-SQL, MySQL, Oracle
12. Demonstrated knowledge of common vulnerability frameworks...
13. Ability to drive discussion with business and tech teams and coach people

Profile Required

·  7 to 10 years of related hands-on work experience
·  OSCP certification (preferred), SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester
·  Bugbounty hunters, CVE finders and other bugcrowd rank holders
·  Thorough understanding of infrastructure architectures, application pentest and related vulnerabilities
·  Solid understanding of security standards, frameworks and methodologies: OWASP, CVE, CVSS …
·  Good communication, presentation and interaction skills. Experience working with technical experts and architects in security domain.
·  Knowledge of HTTP, TCP/IP networking required
·  Knowledge of Active Directory (AD) Environment Penetration Testing
·  Knowledge of Scripting Language. E.g. Python / Perl / PowerShell /
·  C / C++ / Java / JavaScript
·  Knowledge of penetration testing methodology required
·  Knowledge of web application attacks and defense strategies including those found in the OWASP Top 10 and Mobile Top 10
·  Industry standard Certification such as Certified Information Systems Security Professiona (CISSP) or Security+
·  Understanding of security frameworks such as ISO27001 or NIST Cybersecurity Frameworks a plus
·  Experience with various operating systems, network security technologies, web application development technologies, languages and frameworks such as .Net, Java, PHP, Angular JS, NodeJS etc.
·  Experience with Configuration and Deployment Management Testing, Identity Management Testing, Cookie/Session Management, Authentication/Authorization Testing, Input Validation Testing, Privilege escalation testing, Enumeration testing. The above description is a general statement of required/mandatory major responsibilities performed on a regular and continuous basis. It does not include other responsibilities, as assigned from time to time on a need basis on the related role.

Why Join Us

“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”

Business Insight

Société Générale Global Solution Centre (SG GSC), a 100% owned subsidiary of European banking

major Société Générale (SG). Our role and purpose is to enable the strategic vision of Société Générale Group. We are doing this by pioneering cutting edge innovation from Design Thinking to Smart Automation & Artificial Intelligence and applying it to banking. SG Global Solution Centre provides services in the areas of Application Development and Maintenance, Infrastructure Management, Business Process Management, and Knowledge Process Management to Société Générale's business lines around the world.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents , regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, sexual or gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Job code: 200005A2
Business unit: SG Global Solution Centre
Starting date: Immediate
Date of publication: 07/04/2020

Make every future a success.
  • Job directory
  • Business directory