Global Business Service Unit (GBSU) US delivers day-to-day services to Global Banking & Investor Solutions (GBIS) and its clients. GBSU consists of entities composed of IT & non-IT teams working side-by-side under the same leadership. GBSU supports the goal of rolling out a services platform model, spreading the technology and data culture, shortening decision-making processes, and adopting an industrial approach to ensure secure, stable, and compliant operations, as well as continuously improving front to back processing environments. GBSU maintains production services for applications, systems, and infrastructure, facilitates entry into new markets, ensures compliance with regulatory needs, as well as business growth & development.

The IT Risk Specialist shall be responsible for supporting the GBSU Risk Management program as defined by SG America's GBSU Department, as well as the Enterprise Risk Committee and the CIO. Our IT Risk Management program which is an important component of our Operational Risk management program, can be described in three steps below, which shall all be under the operating domain of this role:

• Risk Identification - Support the overall GBSU IT Risk Identification process, including the GBSU Annual IT Risk Assessment, as well as the GBSU divisions, continuous Risk Control Self Assessments (RCSA), and the Information Systems Security Program (ISSP), led by DCS. The IT Risk manager will provide support, to ensure remediation plans and prioritization of efforts on the issues identified in those risk assessments are acted on as planned. In addition, he or she will track and report the Risk identification efforts by Internal Audit, and provide the necessary support on all audit points related to risk. This position will require the production and maintenance of certain Key Risk Indicators, and assist GBSU management on its Permanent Supervision controls.
• Risk Measurement - Utilizing the standards and methods defined by the ORC and Enterprise Risk Committee, the IT Risk Manager shall support the collection, analysis and dissemination of relevant data for measurement of risk, inclusive of outages (incidents, problems), outage time, outage resolution, and operational incidents and or financial losses.
• Risk Mitigation - SG has a comprehensive program to define is annual priorities for investment in IT and Information Security. This role shall be responsible for supporting the regional IT Risk Head, in applying its priorities specifically to the IT Americas area, and where applicable, to the Global organization.

Day to day responsibilities include, but not limited to:

• Provide support/lead the execution of all assigned milestones and deliverables for the GBSU IT Risk Management program.
• Support/Lead all IT Risk Reporting and monitoring activities in line with the sustainability of the IT Risk Management program.
• Provide support to other team members involved with implementing and running the IT Risk Management program
• Collaborate with internal teams to align our operational activities with IT Risk best practices
• Write policies and procedures on certain core areas, as well as functional specifications, and model the requirements / specifications to IT Risk needs.
• Gather, analyze, document, and validate the IT Risk needs of the GBSU stakeholders.
• Procure technical assistance to assist in problem resolution for GBSU stakeholders for our risk tools, including but not limited to GPS (permanent supervision tool) and KART (Audit recon tool),
• Provide reporting support for all Risk based reporting by IT, including the Quarterly Enterprise Risk Committee report, and the Quarterly FCM Risk report.
• Support/Lead the formal reporting of IT Risk that is delivered monthly to the GBSU Americas IT Management team (ExCo)
• Support/Lead the IT Risk collaboration with the RISK Department in its effort to help assess the GBSU's risk appetite, and set up the appropriate risk thresholds and limits.
• Lead and Manage risk related projects impacting GBSU, and coordinate with the different risk functions.
• Lead efforts related to interfacing with all of the bank's regulators on matters relating to IT and Operational Risk as required.

Profile required

TECHNICAL SKILLS:

• Strong understanding of financial products.
• Strong understanding of Risk.
• Strong excel skills for in depth analysis.
• Strong PowerPoint skills for creating effective presentation decks.

PRIOR WORK EXPERIENCE:

• 3-5 years in Financial Services
• 3-5 years in a relevant Risk or Audit function that specialized in IT Risk management
• Working knowledge of banking industry requirements regarding the field of IT Risk, as defined by regulators such as the FED, FFIEC, and NYDFS.
• Working knowledge of IT and Cyber Risk Industry standards such as NIST and COBIT
• Hands on experience in IT Risk assessment
• Desired: Experience in working directly in an IT function related to Risk identification, measurement and mitigation.

EDUCATION:

• Bachelor's degree and or MBA or master's degree in finance (desired), Financial Engineering, Mathematics or equivalent:

Business insight

OUR CULTURE:
At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes. Societe Generale is committed to strengthening bonds with colleagues, communities, and the world in which we live, because relationships are at the heart of how we operate.
For more information about our Culture and Conduct initiatives, please visit this link (https://americas.societegenerale.com/en/careers/get-know-culture/)
D&I:
Our Diversity & Inclusion Mission: Recruit, develop, advance, and retain a diverse workforce that is united in our efforts to enhance our competitive position and deliver innovative solutions to our clients.

Our Diversity & Inclusion Vision:
• Engaged workforce that is demographically diverse in a way that reflects the communities in which we operate
• Inclusive culture and workplace that recognizes employees' unique needs and utilizes their diverse talents
• Engage our community and marketplace, and position the organization to meet the needs of all its clients

For more information about our D&I initiatives, please visit this link (https://americas.societegenerale.com/en/societe-generale-about/diversity-and-inclusion/)

HYBRID WORK ENVIRONMENT:
Societe Generale offers a hybrid work arrangement that offers employees the flexibility to work remotely, as well as on-site, in order to promote interaction and collaboration with colleagues while adhering to all SG standard protocols. Hybrid work arrangements vary based on business area. The applicable Business lines will determine and communicate the work arrangements that best meet their business needs.

COMPENSATION & SALARY RANGE:

Base salary range does not include overtime pay, bonus and/or other benefits, where applicable. Actual base salary offer will vary based on skills and experience.

Societe Generale is an equal opportunity employer, and we are proud to make diversity a strength for our company. We are committed to recognizing and promoting the talents and achievements of our employees and staff, regardless of race, religion, color, national origin, sex, disability, age, gender, sexual orientation, and any other characteristic or status protected under applicable law.

Reference: 24000DDV Entity: SG AMERICAS OPERATIONAL SECURITIES Starting date: 2024/07/08 Publication date: 2024/05/16 Salary or Compensation Range: $65,000 - $160,000