Information Security Third Party Risk Management
6 months ago
**Responsibilities**:
**ABOUT THE JOB**:
**What will be your DAY-TO-DAY?**
- Develop and manage TPRM Info Sec Day to Day team both offshore and onshore
- Develop TPRM strategy for Americas region and be responsible for delivery of action plans ensuring conformity with third party risk management compliance (e.g. regulator, auditor, policy, etc.) requires and industry best practices
- Present strategy to senior management (C-suite level)
- Development of strong partnerships with business and support line stakeholders for collaboration on defining strategy, effective execution of vendor security assessments and proactive adoption of information security behaviors
- Assembly, monitoring, and reporting on vendor security metrics to ensure transparency, compliance, and steering of the perimeter
**Profile required**:
**Skills and Qualifications**:
**Must Have**:
- 12+ years’ demonstrable experience in Information Security Vendor Risk Management experience with at least 5+ years of management experience ideally with a remote / offshore team
- Proficient with and at least one GRC tool (highly recommended)
- Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred
- Requires strong analytical skills, problem solving skills, and project/program management skills
- Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s
- Ability to commit to deliver tasks in a timely and effective manner
- Ability to work in a team environment
- Ability to take responsibility for all actions performed on an individual basis
- Proven ability to manage issues through to resolution
- Solid understanding of the banking industry’s regulatory requirements for the managing of third parties (e.g., FFIEC)
- Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management
- Hands-on knowledge of Information Security
- Proven track record of participating in Vendor Risk Management Programs
- Prior experience interfacing with external counterparties
- Excellent written and verbal communication skills
- Proven ability to manage issues through to resolution skilled at making sound decision-making calls
- Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times
- Excellent communication skills
**EDUCATION/CERTIFICATIONS**
- Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required
- Certified training in security management, risk and compliance solutions and practices
- CISSP, CCSP, CCSK, CISA, CISM, GSEC, CRISC, or related certification(s) required
**Languages: French and English**
**_ Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States_**_._
**Why join us**:
**OUR BENEFITS**:
**WHAT WE DO DIFFERENTLY AT SOCIÉTÉ GÉNÉRALE**
Competitive compensation & benefits offering, including but not limited to:
- Minimum of 20 Vacation days + 4 personal days
- Supportive Maternity, paternity, parental and adoption leave policy
- Health spending ($2,000/year) and personal spending ($1,000/year) accounts with 75+ eligible reimbursement categories (health, training, electronics etc.)
- Fully sponsored virtual healthcare assistance and Employee Assistance Program to you and your immediate family
- Various Employee Resource Groups (ERG) to engage with such as Pride and Allies, American Women Network, Black Leadership Network, One planet, etc.
- A culture of continuous development by encouraging our employees various training programs (online training and coaching platform such as Coursera, GoFluent, Pluralsight, First Finance, and others)
**Business insight**:
**OUR CULTURE**:
At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes. Societe Generale is committed to strengthening bonds with colleagues, communities, and the world in which we live, because relationships are at the heart of how we operate.
**D&I**:
Our Diversity & Inclusion Mission: Recruit, develop, advance, and retain a diverse workforce that is united in our efforts to enhance our competitive position and deliver innovative solutions to our clients.
- Our Diversity & Inclusion Vision:
- Engaged workforce that is demographically diverse in a way that reflects the communities in which we operate
- Inclusive culture and workplace that recognizes employees' unique needs and utilizes their diverse talents
- Engage our community and marketplace, and position the o
-
Expert, Information Security Third Party Risk
6 months ago
Montréal, Canada CN Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Head of Information Security
7 months ago
Montréal, Canada WSP Full time**Position Summary** WSP’s Information Security Office (ISO) is responsible for the deployment of the information security framework in to both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our...
-
Business Information Security Officer
7 months ago
Montréal, Canada WSP Full time**Position Summary** WSP’s Information Security Office (ISO) is responsible for the deployment of the information security framework in to both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our...
-
IT Specialist, Security
8 months ago
Montréal, Canada Saputo Inc. Full timeAt Saputo, our best comes from our people. We’re a talented and caring team with a longstanding history of excellence. Since our first days delivering cheese on a bicycle, we’ve grown into a leading global dairy processor by staying true to the culture that defines us. Each of our employees is committed to uphold our tradition of care, quality, and...
-
Cyber Supply Chain Risk Manager
3 months ago
Montréal, QC, Canada Intact Full timeOur employees are at the heart of what we do best: helping people, businesses and society prosper in good times and be resilient in bad times. When you join our team, you’re bringing this purpose to life alongside a passionate community of experts. Feel empowered to learn and grow while being valued for who you are - here, diversity is a strength. You...
-
Analyst, Cybersecurity
2 weeks ago
Montréal, QC, Canada QUANTEAM (Groupe RAINBOW PARTNERS) Full timeAs the founding entity of RAINBOW PARTNERS, Quanteam is a consulting firm specializing in Banking, Finance, and Financial Services. Guided by our core values of closeness, teamwork, diversity, and excellence, our team of 1,000 expert consultants, representing 35 different nationalities, collaborates across 10 international offices: We are looking for a...
-
Cyber Security and Information Technology Risk
6 months ago
Montréal, Canada Business Development Bank of Canada Full timeWe are banking at another level. Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to...
-
Security Manager
7 months ago
Montréal, Canada Coca-Cola Canada Bottling Limited Full timeFacility Location - L'Assomption Employee Type - Regular Employee FT Salaried **About This Opportunity**: Reporting to the Director, OU Customer Operations, the Security Manager is primarily responsible for the physical security of Coke Canada Bottling's facilities, assets and employees, collective bargaining contingency planning, assisting Human Resources...
-
Supply Chain Analyst
1 month ago
Montréal, QC, Canada Pharmascience Inc. Full time**Job Summary** Reporting directly to the Senior Manager, Supply Chain Management, the main role of the Supply Chain Analyst, Third-Party is to define and execute the supply strategy to ensure the continuity of the supply chain in the short and long term for the molecules in their portfolio for the Canadian and international markets; under a framework of...
-
Cyber Security and Information Technology Risk Lead
6 months ago
Montréal, Canada Business Development Bank of Canada Full timeWe are banking at another level. Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to...
-
Bilingual Security Manager
6 months ago
Montréal, Canada Coca-Cola Canada Bottling Limited Full timeFacility Location - L'Assomption Employee Type - Regular Employee FT Salaried **About This Opportunity**: The Security Manager is primarily responsible for the physical security of Coke Canada Bottling’s facilities, assets and employees, collective bargaining contingency planning, assisting Human Resources with investigations and the retrieval of company...
-
Manager, Operational Risk
6 months ago
Montréal, Canada KPMG Full timeOverview: At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world. **The opportunity** What you will do: You will work closely with the risk management team on major projects and contribute to business development. The incumbent...
-
Security Manager
4 months ago
Montréal, QC, Canada Coca-Cola Canada Bottling Limited Full timeFacility Location - L'Assomption Employee Type - Regular Employee FT Salaried **About This Opportunity**: The Security Manager is primarily responsible for the physical security of Coke Canada Bottling’s facilities, assets and employees, collective bargaining contingency planning, assisting Human Resources with investigations and the retrieval of company...
-
Bilingual Security Manager
6 months ago
Montréal, Canada Coca-Cola Canada Bottling Limited Full timeFacility Location - L'Assomption Employee Type - Regular Employee FT Salaried **About This Opportunity**: The Security Manager is primarily responsible for the physical security of Coke Canada Bottling’s facilities, assets and employees, collective bargaining contingency planning, assisting Human Resources with investigations and the retrieval of company...
-
Mortgage Funder, Third Party Residential
3 months ago
Montréal, QC, Canada First National Financial Full timeFirst National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation and any other category protected by law. We are hiring a Mortgage Funder, Third Party Residential Underwriting! **Reporting To**:...
-
IT Security Risk Analyst
6 months ago
Montréal, Canada WSP Full timeWSP’s Information Security Office (ISO) is responsible for the deployment and maintenance of the information security framework for both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our...
-
Information Security Risk Assessment Analyst
2 months ago
Montréal, QC, Canada NTT DATA Full timeWe are currently seeking a **Information Security Risk Assessment Analyst** to join our team in Montreal, Quebec (CA-QC), Canada (CA). **Job Responsibilities Include**: - Conducting remote/in-person interviews with system owners/vendors to get all the required information for assessment and to identify any gaps. - Reviewing system-related material...
-
Director, Information
6 months ago
Montréal, Canada Via HFR Full timeAt VIA HFR, we are re-imagining passenger rail service on behalf of the Government of Canada! Our goal is to create a new sustainable train network that that will run faster, more often and will be more reliable between Toronto and Québec City. The HFR project is Canada's largest infrastructure project in generations. Are you ready to take on a stimulating...
-
IT Security Manager
3 months ago
Montréal, QC, Canada Connect&Go Full timeWe are Connect&GO, a global tech leader providing attractions management software that empowers venues to create unforgettable guest experiences. We simplify operations and boost revenue while relentlessly focusing on customer needs. Our culture is built on innovation, fueled by fun and laughter. Join us as we challenge industry norms, drive value for our...
-
Specialist, Operational Risk Management
6 months ago
Montréal, Canada Business Development Bank of Canada Full timeWe are banking at another level. Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to...