Security Risk Analyst with French

Security Risk Analyst with French

Romania

Security Risk Analyst with French

IT (Information Technology) Permanent contract Bucuresti, Romania Hybrid Reference 25000G8B Start date 2025/09/25 Publication date 2025/07/25

Responsibilities

Societe Generale Global Solution Centre (SG GSC) acts as a business solutions center for Société Générale, one of the largest European financial groups. We provide high quality professional services in over 35 countries in various business areas - Finance & Accounting, HR, IT and Corporate Operations. Our mission is to be a partner of choice, valued for owning, transforming and innovating with
-
- class talent.

Project Description:

SG GSC is looking for a French-speaking Security Risk Analyst who will be part of the team responsible for the security governance of the French entity ASSU and its international subsidiaries (7 subsidiaries, including 6 English-speaking and 1 French-speaking), whose activity concerns the fields of insurance (property and personal insurance)

RESPONSABILITIES

The mission mainly consists of contributing to:

- Security support for business projects using risk analysis by identifying business issues, security requirements, associated action plans, and assessing residual risks for internal and
- party projects

- Perform application security assessment for new and existing applications

- Review/negotiate security contractual clauses for various ASSU outsourcings

- Analyze and validate security exceptions requests

- Create and present to the business owners the results of various security tests in case vulnerabilities are found

And to a lesser extent:

- Actions to control the security level of applications.

- Support the deployment of the security framework for France/International projects.

- Managing IT operational risks (IT risks) at Société Générale Assurances:

o Maintaining and updating the ASSU referential

o Development and maintenance of dashboards to monitor the progress of initiatives.

What you will do:

- Security files (and intermediate deliverables such as safety classification, expression of project safety needs, residual risk assessment for business managers);

- Managerial presentation supports (IT and business) on projects;

- Interviews with IT, business owners and other stakeholders to determine applications sensitivity levels.

Profile required

Advanced knowledge of risk analysis methodologies and security key topics (classification, AICT assessment, intrinsic/residual risks, risk scenarios)

Knowledge of standards (ISO 2700x, ITIL, COBIT, etc. ) and security governance principles.

Knowledge of security best practices in the field of IT systems management (authorizations, data anonymization, incident management, authentication, backup, archiving, security patch management, antiviral updates, network partitioning, NAC, wifi, etc)

To a lesser extent:

Knowledge/experience in security architecture areas

Knowledge of the principles of administration of security tools: firewall, proxy, SIEM, DLP, IDS, IPS, Qualys type vulnerability scanner, IAM systems, etc.

Security monitoring / understanding and knowledge of the main security threats (virals, cybercrime, APT) and their distribution methods.

Possibly, experience of IT security audit missions

Security certifications (CISSP, ISO 27001, ISO 27005, etc. )

Other appreciated skills:

English (oral and written proficiency)

French (oral and written proficiency)

Knowledge of Excel and Powerpoint tools

Why join us

SG GSC is a Great Place to Work certified company. Here, you will find a flexible workplace and culture, autonomy, constant learning opportunities, dynamism, and talented people, making this experience a real career accelerator. You will also discover all the diversity of our businesses, in a sector that is constantly evolving and innovating. Plus, you will enjoy all our benefits:

competitive compensation & remuneration, including annual performance bonus; 

preventive healthcare plan, and group health & life insurance; 

wide range of flexible benefits within a monthly budget; 

office perks, wellbeing and mental health programs; 

various social benefits and bonuses for personal or family events; 

9-to-5 workday & flexible working environment (Hybrid);

additional paid and unpaid time off, including Sabbatical leave; 

learning and growth opportunities based on individual development and career plans; 

unlimited access to various e
Learning resources.