Societe Generale is looking for a dedicated Operational Risk Manager specializing in Cybersecurity Risks to join our Risk Management Department. In this role, you will play a critical part in helping us understand and manage cybersecurity risks across our organization. You will work closely with various teams to ensure our data and technology environments are secure while contributing to the overall growth of the company. If you are passionate about cybersecurity and risk management, we want to hear from you!
Responsibilities
As an Operational Risk Manager, your day-to-day tasks will include:
- Risk Management: Conduct thorough evaluations of cybersecurity risks, including assessing, reporting, and overseeing remediation plans for various technologies such as databases and networks.
- Collaboration: Partner with the Chief Information Security Officer (CISO) and IT teams to develop policies and Key Risk Indicators (KRIs) for ongoing monitoring of cyber risks.
- Program Development: Create and manage an Information Technology & Information Security Risk Program that uses standard risk classifications.
- Independent Assurance: Perform independent checks and validations of cybersecurity controls to ensure they meet required standards.
- Threat Analysis: Identify emerging cyber threats and assess the effectiveness of risk management frameworks.
- Scenario Development: Create cybersecurity risk scenarios to identify potential attack methods and enhance our defense strategies.
- Compliance: Ensure that all cybersecurity measures comply with legal and regulatory requirements related to data management.
- Incident Response: Participate in reviewing data breaches and technology incident responses to strengthen our protocols.
- Operational Resilience: Develop scenarios for stress testing to evaluate our ability to respond to potential risks.
Qualifications
To succeed in this role, you should have:
- Education: A bachelor’s or master’s degree in computer science, engineering, or a related technical field.
- Industry Knowledge: Familiarity with financial services, especially regarding cybersecurity laws and regulations like GDPR, GLBA, and NYSDFS.
- Experience: Previous work in cybersecurity operations or related areas is preferred, ideally in a second line of defense (LOD) cybersecurity risk role.
- Technical Skills: A solid understanding of cybersecurity principles and common frameworks such as NIST, ISO, and COBIT.
- Leadership Ability: Strong leadership skills with a capacity to influence and guide teams effectively.
- Communication Skills: Proficiency in English, both spoken and written, is required for regular collaboration with colleagues and partners in the U.S.
Nice to Have:
- Certifications in IT Risk management (CGEIT, CRISC, CISA).
- Cybersecurity certifications (CISSP, CISM).
Benefits
At Societe Generale, we offer a competitive compensation package that includes:
- Generous Time Off: A minimum of 20 vacation days plus four personal days.
- Family Support: Comprehensive maternity, paternity, parental, and adoption leave policies.
- Health Spending Accounts: Annual health spending of $2,000 and personal spending of $1,000 for various eligible expenses.
- Wellness Programs: Fully sponsored virtual healthcare assistance and an Employee Assistance Program for you and your family.
- Diversity and Inclusion Initiatives: Engage with various Employee Resource Groups (ERGs) to support diverse communities within our workforce.
- Continuous Learning: Access to training programs and platforms like Coursera and Pluralsight to enhance your skills.
Applying Guide
If you’re interested in this opportunity, here’s how to apply:
- Update Your Resume: Highlight your relevant experience and skills in cybersecurity and risk management.
- Craft a Cover Letter: Write a brief cover letter explaining why you would be a great fit for this role. Include any specific experiences that relate to the position.
- Submit Your Application: Send your resume and cover letter or apply through our website .
- Interview Process: If selected, we will reach out to discuss your experience and how you can contribute to our team.
- Follow Up: After your interview, consider sending a thank-you email to express your appreciation for the opportunity.