Societe Generale Global Solution Centre (SG GSC) acts as a business solutions center for Société Générale, one of the largest European financial groups. We provide high quality professional services in over 35 countries in various business areas - Finance & Accounting, HR, IT and Corporate Operations. Our mission is to be a partner of choice, valued for owning, transforming and innovating with best-in-class talent.

Project description:

Société Générale Assurances is the entity of the Société Générale Group that is involved in the fields of insurance (property and personal insurance). This service will be carried out within the "Resource Functions" department, which is notably responsible for IT security for ASSU France and International.

The Cybersecurity Architect contributes to security strategy and IT risk management by defining security policies and guidelines, overseeing controls and associated remediation, and providing consulting support to projects and business areas within their area of responsibility.

RESPONSIBILITIES

Specifically, you will be required to:

Design:

• Contributes to risk analyses related to technological foundations. It analyzes risks and vulnerabilities in systems and equipment;
• Defines and recommends the reference technical architecture that meets a variety of requirements (features, interoperability, or robustness of information systems, compliance, sustainability, etc.), the needs of the company, and current regulations;
• Develops and updates technical policies, security standards, and associated security solution guides related to its areas of expertise concerning business strategy, IT, and innovation.

Recommendation:

• Implements the appropriate technical recommendations and ensures the follow-up of his recommendations in compliance with established standards;
• Protects the information systems of the company by implementing security processes, particularly patch management. The cybersecurity architect regularly verifies the level of security achieved through compliance and cyber intrusion testing campaigns; Considers and analyzes vulnerabilities and non-compliances and proposes action plans;
• Communicates cybersecurity requirements to various suppliers and/or developers and checks their consideration in the documentation and implementation of subsystems. Ensures proper mastery of solutions by operational teams.

Advice:

• Proactivity in proposing changes to security solutions;
• Promotes the use and combination of existing security components;
• Analyzes security risks associated with the introduction of new technologies or new information systems.

Communication/ Steering

• Contributes to the maturity development of technical architects and planners concerning IT security;
• Collaborates with technical security specialists to provide a comprehensive view of security;
• Represents the entity's security to other security teams within the Group;
• Ensures the planning, organization, and facilitation of workshops and technical meetings with IT stakeholders.