Senior Auditor, Information Systems Audit

Profile description:

As a Senior auditor, and as part of your audit assignments, you are expected to:

• Master IS environment in your current job and more specifically some of the following IT audit domains with related SG IT processes: security of information systems, IT infrastructures, applicative architectures, operating systems (OS), networks, virtualization, private/public Cloud, storage, databases, Big Data mechanisms, middleware. Additionally, and in link with your current job, master one of the bank’s information systems, whether from central functions (CPLE, HRCO, RISQ, DFIN or other central functions) or GBIS to integrate one of those 2 dedicated teams.
• Be able to identify and assess risks or a specific risk and understand the issues of the audited business/domain/subject. By example: 
  • To understand IT governance and internal or external security frameworks and their application in audit contexts.
  • To perform IT Controls testing (i.e access management, change management, backup/recovery processes, resiliency …).
  • To understand applicative architecture and monitoring mechanisms to evaluate system design, dependencies, and performance oversight.
  • To assess cybersecurity risks and evaluate controls related for instance to network security, identity management, and data protection.
  • To understand regulatory requirements (e.g., GDPR, local banking IT regulations) and review compliance of the entity audited.
  • To evaluate cloud and third-party service risks, including contractual and operational controls.
• Develop audit methodologies knowledge, learn and apply internal processes and contribute to their optimization, as well as data analysis and process approaches,
• Contribute to the overall mission diagnosis,
• Lead and/or participate in interviews with auditees,
• Perform controls and propose conclusions.
• Play an active role in writing the report in English and actively participate in debriefings with auditees,
• Ensure the follow-up of the implementation of your recommendations,
• Conduct research and develop methodologies in your area of expertise,
• Train and support more junior auditors, especially on data analysis tools,
• Be involved in several cross-functional topics (risk assessment, recruitment, training, internal projects, etc.).

When leading an audit assignment, you are required to:

• Be responsible for the assignment, its smooth execution, and compliance with IGAD rules,
• Determine the scope, priorities, schedule, and budget of the assignment and draft the engagement letter,
• Are responsible for the overall diagnosis and submit it for validation to the supervisor,
• Define control procedures according to the risks identified during diagnostics,
• Write the audit report, conclusions, and recommendations,
• Debrief findings with auditees, the supervisor, business correspondents, and possibly audit managers,
• Challenge the relevance of action plans proposed by auditees as well as the recommendations issued by the mission team,
• Manage a team during the missions (training and supporting more junior auditors, especially on data analysis tools, defining mission objectives, evaluation, etc.) and challenge them on identifying new risk areas,

As required you may also be required to:

• Be involved in or responsible for several cross-functional topics (risk assessment, recruitment, training, internal projects, etc.).
• Be responsible for contributing to the continuous risk assessment within their scope (CAM/RA). This contribution is materialized by producing interview summaries with auditees,
• As a member of the team, contribute to cross-functional actions aimed at improving team life and its functioning, under the supervision of a supervisor. They may participate in and possibly coordinate initiatives on behalf of the team: recruitment or communication actions, event organization, improvement of audit practices, knowledge sharing, etc.

In collaboration with their hierarchical and/or functional manager, the auditor is responsible for training in banking professions and associated risks, and for completing mandatory regulatory training within the deadlines set by the department. The auditor reports hierarchically to a GSC India supervisor and functionally to a BC. They are both co-responsible for the auditors’ professional support, career development, and annual evaluation against set objectives. Strict compliance with instructions, standards, and norms disseminated by the Business Correspondent, Supervisors, and IGAD COOs is expected, as well as proper use of IGAD tools.

Degree of Autonomy:

The auditors are required to have good autonomy in the assigned tasks. They must ensure a perfect audit trail of the work performed and report appropriately to the lead auditor.

Within the objectives assigned by their supervisor, the auditor has the necessary autonomy to organize and conduct their work. They consult their supervisor as needed, especially to manage difficulties or exercise their duty to alert. When leading an audit assignment, they are responsible for the smooth running of the assignment.

Required Behavioral Skills:
The auditor must demonstrate impartiality, ethics, transparency, and team spirit to successfully carry out their assignments. They must show perspective, curiosity, critical thinking and analytical skills.

Other Technical Skills

Ability to write fluently in English and have fluent oral communication.

Use of data analytics tools (e.g., Power BI, Python) is required.

IT Domains: Security of information systems, IT infrastructures, Applicative architectures, Operating Systems (OS), Networks, Virtualization, Private/Public Cloud, Storage, Databases, Big Data mechanisms, Middleware, Cyber Security

Knowledge of bank’s information systems: Corporate Functions or Investment Banking

Educational requirements and certifications:

Master’s degree in computer science / information systems

Professional certification such as CISSP, CISM, OSCP, CCNA, Azure and AWS are a plus.

Master’s degree in computer science / information systems, with 10-14 years of work experience in Information Systems Internal audit or IT operations, preferably with exposure to the Banking and Financial Services industry.

Lead or contribute on an audit assignment, working with global teams within IGAD, and manage senior stakeholders in business.

Professional certification such as CISSP, CISM, OSCP, CCNA, Azure and AWS are a plus.

Technical skills:

• Ability to write fluently in English and have fluent oral communication.
• Use of data analytics tools (e.g., Power BI, Python) is required.
• IT Domains: Security of information systems, IT infrastructures, Applicative architectures, Operating Systems (OS), Networks, Virtualization, Private/Public Cloud, Storage, Databases, Big Data mechanisms, Middleware, Cyber Security
• Knowledge of bank’s information systems: Corporate Functions or Investment Banking

We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.
Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.
If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us! 
Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices and sharing their skills with charities. There are many ways to get involved.

“Commitment and adherence to ESG practices of the organisation and endeavour to reduce the carbon footprint and sustainable practices”