Current jobs related to Operational Risk Manager – Cybersecurity Risks - Montreal Quebec GF, CA - SGS Société Générale de Surveillance SA

  • Cybersecurity Risk Analyst

    3 months ago

    Montreal, Quebec, G4F, CA Produits forestiers Résolu Full time

    Resolute Forest Products, founded more than two centuries ago, is a global leader in the forest products industry. Through the years, it has built more than 20 predecessor companies and supported hundreds of communities. The company owns or operates some 40 facilities, as well as power generation assets, in the United States and Canada. Our 6,600+...

  • Intern, Governance, Risk and Compliance

    7 days ago

    Montreal, Quebec, G4F, CA Canadian National Railway Full time

    Canadian National Railway Company (CN) is looking for a highly motivated person to fulfill a full-time (40h/week) Intern, Governance, Risk and Compliance position in Montreal, QC from May- Aug 2025. Job Summary The Intern, Governance, Risk and Compliance (GRC) is responsible to execute the activities supporting the GRC framework and processes. The incumbent...

  • Chief Advisor Technology and Cyber Risk Management

    2 months ago

    Montreal, Quebec, G4F, CA National Bank Full time

    As a Chief Advisor, Technology and Cyber Risk Management for Business Lines on the Technology, Cyber and Data Risk Management team at National Bank, you will act as a second line of defence specialist on information technology and cybersecurity. Your experience in several areas of technology (IT architecture, cloud, cyber) will help you to have a positive...

  • Senior Advisor Technology Cyber and Data Risk Management

    1 month ago

    Montreal, Quebec, G4F, CA National Bank Full time

    As a Senior Advisor on the Technology, Cyber and Data Risk Management team at National Bank, you’ll act as a specialist in support of the implementation of the Bank’s risk management strategy. This role will enable you to have a positive impact on the organization by taking charge of risk governance for the 2nd line of defence.Your role Contribute to the...

  • Senior Advisor Operational Risk

    7 days ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career in risk management at National Bank means being part of the transformation having a direct impact on the client. As a Senior Advisor - Operational Risk, Wealth Management, you will work with various stakeholders to ensure the implementation of the operational risk management framework within Wealth Management (WM). You will also be part of a team...

  • Financial and Risk Analyst

    4 weeks ago

    Montreal, Quebec, G4F, CA Administration portuaire de Montréal Full time

    Reporting to the Treasury and Risk Manager, the incumbent is responsible for analyzing financial data and assessing risks to support strategic decision-making within the organization. This role involves developing financial models, conducting risk assessments and making recommendations to mitigate risks and optimize financial performance.Financial analysis,...

  • Advisor Market Risk Model Validation

    2 months ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career as an Advisor in Market Risk Model Validation at National Bank means participating in transformation which has direct impact on clients. You will participate in validating and establishing the acceptability of models, quantifying potential losses as well as model limits. In addition, you will contribute in the model risk governance and management....

  • Senior Manager Cybersecurity and IAM

    1 month ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career as an Identity and Senior Manager/Access Management (IAM) business owner with National Bank's Cybersecurity team means being responsible for the delivery of high value-added services for the organization. You will mobilize a multidisciplinary team of professionals who will collaborate with our internal partners. Thanks to your expertise in IAM...

  • Senior Data Scientist credit risk management

    1 month ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career as a Senior analytical data scientist within the Credit risk models team involves acting as an expert in credit risk modeling. You will work on developing and deploying models to assess the credit risk of retail and commercial clients of the bank, on combining data with internal credit expertise to develop models that are both performing and...

  • Intern, Operational Technology Security Architecture

    7 days ago

    Montreal, Quebec, G4F, CA Canadian National Railway Full time

    Canadian National Railway Company (CN) is looking for a highly motivated person to fulfill a full-time (40h/week) Intern, Operational Technology Security Architecture position in Montreal, QC from May- Aug 2025. Job Summary The Intern, Operational Technology (OT) Security Architecture is responsible for executing activities that support the Chief Information...

  • Senior Cyber Security Advisor

    2 months ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career as a Senior Cybersecurity Advisor at National Bank means acting as a cybersecurity expert and providing tactical and strategic guidance as well as advice to help business and technical teams achieve acceptable security risk postures. It is through your diplomacy, as well as your knowledge of governance processes, risk management and compliance that...

  • Business Information Security Officer BISO

    1 month ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career in cybersecurity at National Bank means participating in the transformation to have a direct and positive impact on the client. As an Business Information Security Officer (BISO) you will be responsible for aligning the information security strategy with the strategy and context of the business line that will be assigned to you.You will adapt the...

  • Operations Manager

    7 days ago

    Montreal, Quebec, G4F, CA Groupe Desgagnés Full time

    Take up an exciting challenge in the marine industry! Pétro-Nav Inc. is recruiting an Operations Manager to oversee and optimize marine activities in the Arctic. If you are ready to take on strategic operational responsibilities and play a key role in a demanding environment, this is the opportunity for you. Your mission: At the heart of our...

  • Expert Security Architecture- Cloud

    7 days ago

    Montreal, Quebec, G4F, CA Canadian National Railway Full time

    At CN, we work together to move our company-and North America-forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely...

  • Int. Bilingual Quantitative Analyst with quantitative skills, Python and SQL to develop, implement and maintain quantitative risk models for a large bankin

    7 days ago

    Montreal, Quebec, G4F, CA S.i. Systems Full time

    Job ID: 52862# of positions: 1Start Date: Dec 2nd Duration: 12 months Extension possible: YesConversion Possible: YesInterview Process: 1 Teams + 1 with other team members also virtual or in person Work Location: 1350 Rene-Levesque Blvd Corporate MTL ( 3 days in office Tuesday to Thursday ) DescriptionApply specialized skills and fundamental data science...

  • Ship operator

    1 month ago

    Montreal, Quebec, G4F, CA Fed Supply Full time

    Hello ! I'm Jérémy, Recruitment Consultant for the Fed Supply employment agency, specialist in the fields of supply chain, logistics, transportation and customer service - offering temporary and permanent jobs in the Greater Montreal area. Our team of Supply Chain and Logistics experts speaks your language and operates in your world.Hello ! I'm...

  • Product Owner

    2 weeks ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career as a PO Lead Product in the Privacy Protection (PRP) and Artificial Intelligence (AI) Strategic Transformation Program. You will be required to act as a manager of cross-cutting projects relating to the management of access to personal information (GARP); or the evolution of the framework for the development, acquisition and use of AI as well as...

  • Senior Cybersecurity Advisor

    2 weeks ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career as a Senior Cybersecurity Advisor at National Bank means playing a strategic and cross-functional analysis role within the Information Security Office. You will be responsible for defining and managing the cross-functional demand management process for unplanned initiatives impacting the information security industry. You will contribute to the...

  • Senior Manager, Corporate Finance

    7 days ago

    Montreal, Quebec, G4F, CA Canadian National Railway Full time

    At CN, everyday brings new and exciting challenges. You can expect an interesting environment where you’re part of making sure our business is running optimally and safely―helping keep the economy on track. We provide the kind of paid training and opportunities that long-term careers are built on and we recognize hard workers who strive to make a...

  • Associate

    3 months ago

    Montreal, Quebec, G4F, CA National Bank Full time

    A career as an Associate in the Operational Business Strategies, Resilience, and Risk Management team at National Bank means supporting the business line in identifying, assessing, monitoring, and managing its operational risks by deploying an efficient, practical, and tailored approach that considers the specific context of Financial Markets. In this...

Operational Risk Manager – Cybersecurity Risks

3 months ago

Montreal Quebec GF, CA SGS Société Générale de Surveillance SA Full time

Responsibilities

The Risk Management Department contributes to the sustainable growth of the Societe Generale group through its expertise, understanding of risks, and risk management techniques. The department’s mission is to independently analyze, assess, manage, and monitor risk-taking activities with the objective of achieving, together with the first line-of-defense, the best possible outcome for the bank. The department oversees the enterprise, strategic, credit, market, liquidity, operational, model, and other risks of the corporate and investment banking business activities.

Independent from the Business Lines, the Risk Management (RISQ) Division's mission is to contribute to the development of the SG Group's activity by facilitating the objectives of the Business Lines while maintaining independent oversight through risk evaluation and monitoring. The RISQ division in the US supports all the activities in the Americas Region (US, Canada and Latin America), which is almost exclusively corporate and investment banking (GBIS) oriented.

ABOUT THE JOB:

The Head of Cybersecurity Risk is looking to hire a Cybersecurity Risk Manager that will join the RISQ/OPE organization to help further define the 2nd line of defense processes, policies, and tools for SG’s data and technology environments. Cyber risk coverage areas include Reference data, transaction processing, digital transformation (cloud), threat intelligence, Identity and Access Management, data protection, and cybersecurity incident/response.

This role is responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization. This resource will also help further define the Cybersecurity Risk 2nd line of defense practices including, but not limited to assessments, life-cycle practices, operational incident/response, service delivery, and BCP. This is an individual contributor role.

What will be your DAY-TO-DAY?

Day-to-day responsibilities include but are not limited to:

  1. Perform full range of technology and information and cyber security risk management lifecycle activities, including risk identification, assessment, reporting, and oversight of remediation planning and execution. E.g. third-party, application, database, infrastructure, network penetration testing, etc.
  2. Partner with Chief Information Security Officer (CISO) and IT organizations to establish standards, policies, and develop KRIs and KPIs for measuring and monitoring cyber risks on a continuous basis.
  3. Developing and managing Information Technology & Information Security Risk Program, using standard risk taxonomy, such as FAIR.
  4. Provide and perform independent assurance and validation activities over common cybersecurity controls that include both administrative and technical.
  5. Assess the accuracy, completeness, and sufficiency of the risk management governance framework, processes, and methodologies. Identify and define emerging cyber threats and risks to SG’s environment.
  6. Perform effective challenge of all critical and highly sensitive processes & controls, and business continuity.
  7. Develop cyber security risk scenarios to identify potential attack vectors and TTP (tactics, techniques, and procedures) to guide the continuous improvement of the firm’s cyber defense posture. Lead and support selected cyber security remediation efforts, involved with strategic planning with 1LOD.
  8. Recommend enhancements to data & technology architectures, processes, and controls to improve cybersecurity, data, and technology risk management capabilities for high-risk processes, regulatory reporting, and risk oversight.
  9. Develop and roll-out tools for the aggregation and surveillance of cybersecurity risk, data risk & technology risk.
  10. Identify legal, regulatory, and contractual requirements, and organizational policies and standards related to data management systems to determine their potential impact on the business objectives.
  11. Expand operational risk processes, data collection, and issues management tools to track and report data related to operational risks and issues.
  12. Participate in and review data breaches and technology incident/response escalation processes.
  13. Develop operational resiliency scenarios for stress testing and capital planning activities.
  14. Lead or support selected cybersecurity remediation efforts.

Profile required

Must Have:

  1. Bachelor’s and/or master’s degree in computer science, Engineering, or relevant technical field.
  2. Understanding of financial services specifically within cyber and data privacy related laws, regulations, frameworks, and guidelines (NYSDFS - 23NYCRR500, ECB, GDPR, GLBA, Regulation S-P, etc.).
  3. Experience in assessing design and operating effectiveness of technology controls.
  4. Solid foundation in information technology and information security principles. Familiar with common cybersecurity frameworks and standards such as NIST SP 800-53, NIST CSF, Mitre Attack, FFIEC CAT, CSC Top 20, COBIT, ISO 27000 series.
  5. Previous working experiences in cybersecurity operation and relevant security design knowledge.
  6. Previous work within Risk and/or Information Security/Cyber Security. Ideally, has worked in a 2 LOD Cyber Security Risk function.
  7. Background in IT Risk Assessment, IT Audit, Information security management.
  8. Experience integrating vulnerability and patch management tools with IT/IS risk program. Furthermore, communicate and determine vulnerability remediation priorities.
  9. Knowledge of US IT Security regulatory requirements and environment in financial services industry a plus (i.e. FFIEC, FINRA rules, SEC, NIST cybersecurity frameworks).
  10. Strong leadership skills with ability to lead by influence.

Nice to Have:

  1. IT Risk management or governance certifications (CGEIT, CRISC, CISA).
  2. CISSP, CISM, or CISA certifications.

LANGUAGE:

Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.

Due to US Federal Securities law applying to this position, candidates who will apply for this position will be required to submit to an enhanced background screening, including the collection of their fingerprints by a third-party vendor selected by the Financial Industry Regulatory Authority ("FINRA").

#J-18808-Ljbffr