IT Auditor, Associate

• Performing as the lead on audit missions, ie: define control (audit) procedures, determine the scope, priorities, time schedule and budget, identify required resources; identify root causes, develop SMART recommendations, etc.
• Independently and autonomously driving parts of the audit process, ie: fill parts of diagnostic matrix, suggest areas for review, propose audit procedures to be performed; identify and rank risk on a process; propose relevant sampling strategies, etc.
• Preparing high quality workpapers that support the findings and conclusions.
• Providing high quality and impactful audit reports, including executive summaries (when in lead)
• Organizing and leading interviews and meetings on complex IT topics and audit missions with auditees and senior team members; providing concise and comprehensive debriefing presentation
• Following up on the implementation of recommendations and the action plans
• Participating in department wide transformation projects and actively contributing, communicating and implementing the changes, and supporting others through the process

DIVISION DESCRIPTION: 
The Audit Division (IGAD) represents Societe Generale's independent internal audit function, comprised of over 1,200 professionals covering Societe Generale's global business and services in over 150 countries. The SGUS Audit Department (SGIAA) within IGAD is a group of about 70 professionals with diverse backgrounds and subject matter expertise based in the US, Bangalore, and Brazil, responsible for Societe Generale's businesses in the Americas region. Constituting the third line of defense, IGAD conducts independent audits of operational entities in an objective, thorough and impartial manner in line with professional standards. IGAD assesses the compliance of the Group's operations, the effective level of risk exposure and management, the adequate enforcement of procedures and the effectiveness and relevance of the permanent control set-up.

SKILLS AND QUALIFICATIONS:

Technical Skills:

• Strong IT security knowledge such as application security architecture, network security, data security administration, database security. Working experience and/or knowledge of relevant regulatory requirements (NYDFS Cybersecurity, GLBA, etc.) is a plus.
• Demonstrate a good understanding of banking products, accounting and operational processes, regulatory and legal considerations, and their associated risks (credit, market, operational, etc.)
• Strong risk management experience, including performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk
• Demonstrated experience auditing general computer controls and IT control testing of applications, operating systems, and databases
• Have working experience with common IT risk management frameworks such as COBIT, FFIEC, ITIL, NIST, ISO27001, etc.
• Strong analytical skills. Proven history of analyzing data and situations to identify meaningful observations

Competencies:

• Highly motivated and committed to lead and progress
• Demonstrates strong organizational/project management skills; able to prioritize and time manage to meet deadlines and timely escalate issues
• Excellent written and verbal communication skills
• Demonstrates openness to new ideas; able to propose solutions/enhancements and contribute to process improvements  
• Able to effectively and independently communicate with others; establish professional relationships; and effectively present and influence

EDUCATION/EXPERIENCE:
Required:

• Bachelor's or master’s degree in Computer Science, Management of Information Systems or another relevant subject
• 5+ years of work experience in financial services, internal auditing, or relevant risk management positions

Desired / Plus:

• Relevant certifications (CISA, CISSP, CISM, PMP preferred)
• Work experience in relevant business or risk management function within corporate/investment bank
• Big 4 consulting experience

OUR CULTURE: 
At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes. Societe Generale is committed to strengthening bonds with colleagues, communities, and the world in which we live, because relationships are at the heart of how we operate.
For more information about our Culture and Conduct initiatives, please visit this link (https://americas.societegenerale.com/en/careers/get-know-culture/)
D&I: 
Our Diversity & Inclusion Mission: Recruit, develop, advance, and retain a diverse workforce that is united in our efforts to enhance our competitive position and deliver innovative solutions to our clients.

Our Diversity & Inclusion Vision: 
•     Engaged workforce that is demographically diverse in a way that reflects the communities in which we operate
•     Inclusive culture and workplace that recognizes employees' unique needs and utilizes their diverse talents 
•     Engage our community and marketplace, and position the organization to meet the needs of all its clients

For more information about our D&I initiatives, please visit this link (https://americas.societegenerale.com/en/societe-generale-about/diversity-and-inclusion/)

HYBRID WORK ENVIRONMENT:
For most positions, Societe Generale offers a hybrid work arrangement that offers employees the flexibility to work remotely, as well as on-site, in order to promote interaction and collaboration with colleagues while adhering to all SG standard protocols.  Hybrid work arrangements vary based on business area.  The applicable Business lines will determine and communicate the work arrangements that best meet their business needs.

COMPENSATION & SALARY RANGE:

Base salary range does not include overtime pay, bonus and/or other benefits, where applicable. Actual base salary offer will vary based on skills and experience.