Operational Risk Supervisor - Cyber

Permanent contract|London|Risks

Operational Risk Supervisor - Cyber

London, United Kingdom Permanent contract Risks


Description of the Business Line or Department

The Risk Management (RISQ) Division in the UK. Independent from the Business Lines, RISQ Division's mission is to contribute to the development of the SG Group's activity by facilitating the objectives of the Business Lines while maintaining independent oversight through risk evaluation and monitoring.

The mission of the Operational Risk Second Line of Defence department (RISQ OPE) is to provide independent, objective and leading operational risk management challenge and oversight to assist the firm in maintaining an effective system of operational risk management.

RISQ OPE conducts the oversight of the governance, risk and control frameworks, and tolerances of Operational Risk.

RISQ OPE provides proactive advice to help management identify and measure key risks, and to evaluate controls in businesses and service units.  An objective is to accompany the employees and raise awareness of the importance of operational risk management which is based on the principle that “everyone is an operational risk manager”.

RISQ OPE organises and tests the soundness and efficiency of the operational risk framework, especially on governance, risk identification and mitigation as well as permanent controls.

The department based in London covers the SG London Branch and SG International Ltd (SGIL) entities.

Summary of the key purposes of the role

The role is in SG London Branch, but dedicated to SGIL. As such it involves a focus on both SGIL-specific and transversal risks. The role focuses on Information Security and IT risks.

The Operational Risk Supervisor needs to assess the First Line of Defence (1 LOD) framework in the identification and management of its operational risks, by reviewing and challenging appropriately remediation plans and risk acceptances. This role applies to existing business as well as key projects.

The Operational Risk Supervisor should also make sure that the first level of control framework (on operational risk) is adapted and efficient.

The Operational Risk Supervisor needs to ensure that the processes and governance around operational risk (Incident Collection/Reporting, RCSA, Permanent Supervision, etc…) respect the group policies and norms. He/She will challenge and may conduct investigations and follow-up on red flags and corrective action items.

In case of major risk identification or a risk that is not appropriately managed by the department in charge (or lacking of department in charge) the Operational Risk Supervisor has the duty to escalate the information through the appropriate channel starting with his/her management.

In the context of the SG Leadership model, the Operational Risk Supervisor will invest their time and skills towards team work, act ethically and with courage, propose new ideas and contribute to change management, and finally lead as an example through support to colleagues or other teams. All these actions and values will contribute to the development of client positive impact.

Summary of responsibilities

Primary Responsibilities as a member of RISQ/OPE

  • Assess operational risk management framework in London: IT and Information Security, with a particular focus on risks in SGIL.
  • Consolidate and provide independent risk assessment on topics to senior business and service unit management as well as RISQ (OPE) management.
  • Participate in and contribute to first line operational risk committees with risk analysis and/or escalation, contribute and escalate if needed to branch level committees.
  • Act as an advisor to the business on Operational Risk Processes, tools and propose solutions to address risks / communicate expectations to first line of defence.
  • Develop knowledge and advise on (market) best practices related to risk management.
  • Can be associated or take the lead on operational risk awareness and training sessions.
  • Provide an opinion on, or validate exceptions, to operational risk norms within risk appetite.
  • Participate or coordinate with other second line teams and third line exercises as well as regulator requests on operational risk.
  • Contribute to the operational reporting and governance for the SGIL Risk and Controls Committee.
  • May participate in and engage working groups / forums outside SG to share and implement best practices.
  • Assist other RISQ/OPE team members on their underlying BU/SU coverage for front to back analysis and in order to ensure back-up.

Profile required


Business knowledge

-Information Security and IT knowledge and experience

- Operational Risk Processes Knowledge


-Experience in developing and documenting governance processes supporting operational risk frameworks


-Office (Power Point, Word or Excel)


-Operational Risk Tools knowledge (SG or Industry)

-Knowledge of tools used in the processing chain is a plus (SG or Industry)

Soft Skills

-Strong analytical skills with high attention to details and accuracy

-Ability to articulate complex concepts in a clear manner

-Excellent verbal, written, and interpersonal communication skills

-Able to organize time, multitask, and define priorities (autonomy)

-Able to interact with all level of the organization from operators to executive management members

-Must be able to work collaboratively within a complex organization, across multiple cultures, geographies and disciplines


-Ability to be flexible and agile (priorities may change)

- Demonstrated ability to lead change through influencing skills, be a positive change agent


-English required – French is a plus.

Why join us

People join for the impact they can have on us. They stay for the impact we have on them. A flatter structure offers visibility and exposure beyond that of our competitors, so you know our names, and we know yours. It's personable, human, and inspires success through passion. By encouraging open mindedness and a willingness to share ideas, we have adapted to market changes and thrived through innovation. Bringing words like “hard work” and “dedication” together with “community” and “respect” has enabled us to work collaboratively and build our future together. We call this Team Spirit and it's what makes us different. It's what makes you different.

Business insight

If you feel you have the required experience and qualifications, then please apply to the SG Resourcing Team, and we will manage your application. At Société Générale, we believe our people are our strength and are core to the success of our business. As such, we search for, recruit and appoint the best available person on the basis of aptitude and ability, regardless of sex, marital or civil partnership status, race, colour, nationality, ethnic or national origins, pregnancy, disability, age, sexual orientation, religion, belief or gender identity.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Reference: 21000S3G
Entity: SG CIB
Starting date: 2021/11/15
Publication date: 2021/09/30