Cybersecurity Consultant

Reference 25000L0A

Responsibilities

• Put in place new log collection into the SIEM based on Splunk Enterprise Security technology, which implies :
  
  

The configuration of Heavy Forwarder components for log collection which will be in “pull” mode

The coordination with internal log collection team for log collection which will be in “push” mode

The update or creation of dedicated parsers

The configuration of enrichment with Asset & Identity module

Update of data model if the log collection is needed for specific detection use cases

Process the continuous improvement requests of the L1/L2/L3 analysts which could be :

A parsing update

An enrichment or lookup update

A data model update

A log collection issue

Proposal of ways to optimize the current Splunk configurations

Report back to the team on the tasks completed

Update of the internal technical documents end the end user guidelines

Comply with the internal rules :

All the configurations must be done by using CI/CD based on Github Actions and Jenkins (no manual updates on Splunk GUI)

All the changes must be tested on homologation SIEM platform

Comply with group process for managing changes and incidents on the engine

Optimization of log collection and continuous improvement on log enrichment / parsing to enhance the incident detection

Set up new log collection into the SIEM (Splunk Enterprise Security technology) for new projects with recommendations to comply with group standards.

Required

Profile required

This role requires deep expertise in Splunk architecture, administration

Why join us

“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”

Business insight

At Société Générale, we are convinced that people are drivers of change, and that the world of

tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.

Whether you’re joining us for a period of months, years or your entire career, together we can have

a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.

If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a

daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating?

You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Group’s ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection.

---