Expert - Information & Cyber Security
Responsibilities
· Support the Risk Management and Supervision (RMS) team, which is in charge of assessing the risk profile and the effectiveness of the information security risk systems of the Group’s Business and Service Units.
· Review IT risk self-assessments and follow up on the implementation of the agreed risk remediation plan.
· Proactively understanding existing/upcoming regulations.
· Facilitating local compliance with information security policy as well as appropriate regulations/laws.
· Assisting in the development of, and changes to, the ICT risk frameworks and of a strong risk management culture, and being recognized for providing expert operational risk advice.
· Partner with senior stakeholders to proactively identify ICT risks and assess the adequacy of controls to manage such risks, including recommending enhanced or additional controls.
· Proactive in identifying and following up on ICT anomalies / areas of concern.
· Independently review, challenge and support information security activities.
· Review the analyses conducted by the LOD1 (ORMs/CISO/BU-SU Program Managers etc.) on their information security risk profile and the related remediation actions.
· In response to material information security incidents, whether internal or external, conduct an independent deep-dive review of the preliminary, interim, and final incident investigation reports and act as a challenge function to such reports.
· Support information security reporting and monitoring of metrics and Key Risk Indicators (KRIs) at the product line and divisional levels; continuously review the existing body of KRIs and related reporting.
· Consult with internal groups such as CISO, Infrastructure, Compliance, Legal, and other Operations teams on matters related to information risk controls, self-assessments, security incidents and infrastructure projects’ security aspects.
· Participate in the validation of the information security standards and standards applied by the BUs/SUs and the requested exceptions.
Why join us
We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Business insight
At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!
Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.
We are committed to supporting the acceleration of our Group’s ESG strategy by implementing ESG principles in all our activities and policies. They are translated into our business activity (ESG assessment, reporting, project management or IT activities), our work environment and our responsible practices for environment protection.