Cyber Security Senior Analyst - Pentesting

Reference 25000HMG

Responsibilities

• Moderate functional knowledge of cyber security or information security processes and expert domain knowledge
• Assist functional manager in performing day to day security activities/operations by working independently;
• handle larger projects or assignments Analyze the problem statements, define and execute the desired solutions;
• mentor team members Work inline with defined processes, framework and provide regular functional updates to manager
• Ability to prioritize deliverables and work in consultation with manager and other seniors in the team Contribute to various functional initiatives with larger responsibilities
  
  

Required

Profile required

• 3 to 6 years of related work experience in threat modeling, penetration testing and/or application security testing
• Expertise in conducting pentest on Web applications, API, thick client applications etc.
• Thorough understanding of application architectures, understanding of security standards, frameworks and methodologies, HTTP, TCP/IP
• Knowledge of web application attacks and defense strategies including those found in the OWASP Top 10, Mobile Top 10 and SANS top 25
• Knowledge using leading testing tools such as Accunatix, Burp suite, NMAP, Kali OS , Nessus, Metasploit etc.
• Experience with various operating systems, network security technologies, web application development technologies, languages and frameworks such as .Net, Java, PHP, Angular JS, NodeJS etc.
• Development and scripting languages such as Python, C/C++, Java/JavaScript
• Experience with Configuration and Deployment Management Testing, Identity Management Testing, Cookie/Session Management, Authentication/ Authorization Testing, Input Validation Testing, Privilege escalation testing, Enumeration testing
• Good communication, presentation and interaction skills
• OSCP certification (preferred), CEH, SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester
• Bugbounty hunters, CVE finders and other bugcrowd rank holders are preferred
  
  

Why join us

We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Business insight

At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating?

You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Group’s ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection.

Diversity and Inclusion

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

---