DLP level 1 analyst(French)

Societe Generale Global Solution Centre (SG GSC) is a business solution center for Societe Generale, one of the largest European financial groups. We provide high-quality professional services for more than 35 countries in various fields of activity – Finance & Accounting, Human Resources, Information Technology, Know Your Customer, Compliance and Business Advisory. Our mission is to be a partner of choice, valued for owning, transforming and innovating through best in class talent.

A pro active and reactive behavior is expected from the candidate who will have to work closely with DLP level 2, level 3 and process owner.

In the department Information System Security (ITS) of the internal control (SAFE), SRI (Surveillance, Response & Investigation) team is in charge of managing security request for GBIS entity (GLOBAL Business Investor Solution – private banking, investment banking, security services), management of security incidents, review & analysis of security controls issues in order to identify weak signals.
Since 2011, SAFE set up an organization to ensure exception management and data leakage control process. Those 2 subjects are part of SAFE/ITS/SRI expertise.

The role of the candidate is to ensure the first level assessment of anomalies generated by the DLP control based on defined criteria. The anomalies consist in email or documents uploaded on the internet which match the confidential rules defined with GBIS Business. The 100 anomalies managed every day must be reviewed in order to ensure if they need to be escalated to level 2 for a complementary assessment. The review is performed based on specific criteria defined.

The candidate working on this subject is also in charge to notify the control owner if he detects any strange behavior of specific rule (for example a large number of anomalies generated during a specific period) and to propose “validated practice” based on pattern of anomalies identified which will be used to optimize detection capability.
A detailed follow up of the activity will be requested every week describing the performance.