Operational Risk Manager – Cybersecurity Specialist
2 weeks ago
The Risk Management Department at SGS Société Générale de Surveillance SA contributes to the sustainable growth of the company through its expertise, understanding of risks, and risk management techniques. The department's mission is to independently analyze, assess, manage and monitor risk-taking activities with the objective of achieving, together with the first line-of-defense, the best possible outcome for the company.
The department oversees the enterprise, strategic, credit, market, liquidity, operational, model, and other risks of the corporate and investment banking business activities.
Job SummaryThe Head of Cybersecurity Risk is looking to hire a Cybersecurity Risk Manager that will join the RISQ/OPE organization to help further define the 2nd line of defense processes, policies and tools for SG's data and technology environments.
Key Responsibilities- Perform full range of technology and information and cyber security risk management lifecycle activities, including risk identification, assessment, reporting and oversight of remediation planning and execution.
- Partner with Chief Information Security Officer (CISO), and IT organizations to establish standards, policies, and develop KRIs and KPIs for measuring and monitoring cyber risks on a continuous basis.
- Developing and managing Information Technology & Information Security Risk Program, using standard risk taxonomy, such as FAIR.
- Provide and perform independent assurance and validation activities over common cybersecurity controls that include both administrative and technical.
- Assess the accuracy, completeness, and sufficiency of the risk management governance framework, processes and methodologies.
- Identify and define emerging cyber threats and risks to SG's environment.
- Perform effective challenge of all critical and highly sensitive processes & controls, and business continuity.
- Develop cyber security risk scenarios to identify potential attack vectors and TTP (tactics, techniques and procedures) to guide the continuous improvement of firm's cyber defense posture.
- Lead and support selected cyber security remediation efforts, involved with strategic planning with 1LOD.
- Recommend enhancements to data & technology architectures, processes and controls to improve cybersecurity, data and technology risk management capabilities for high-risk processes, regulatory reporting and risk oversight.
- Develop and roll-out tools for the aggregation and surveillance of cybersecurity risk, data risk & technology risk.
- Identify legal, regulatory, and contractual requirements, and organizational policies and standards related to data management systems to determine their potential impact on the business objectives.
- Expand operational risk processes, data collection and issues management tools to track and report data related operational risks and issues.
- Participate in and review data breaches and technology incident/response escalation processes.
- Develop operational resiliency scenarios for stress testing and capital planning activities.
- Lead or support selected cybersecurity remediation efforts.
Must Have:
- Bachelor and or master's degree in computer science, Engineering or relevant technical field.
- Understanding of financial services specifically within cyber and data privacy related laws, regulations, frameworks and guidelines.
- Experience in assessing design and operating effectiveness of technology controls.
- Solid foundation in information technology and information security principles.
- Previous working experiences in cybersecurity operation and relevant security design knowledge.
- Previous work within Risk and/or Information Security/Cyber Security. Ideally, has worked in a 2 LOD Cyber Security Risk function.
- Background in IT Risk Assessment, IT Audit, Information security management.
- Experience integrating vulnerability and patch management tools with IT/IS risk program.
- Knowledge of US IT Security regulatory requirements and environment in financial services industry.
- Strong leadership skills with ability to lead by influence.
Nice to Have:
- IT Risk management or governance certifications.
- CISSP, CISM, or CISA certifications.
Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.
-
Cybersecurity Risk Management Specialist
5 days ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistDomtar Corporation is seeking a highly skilled Cybersecurity Risk Management Specialist to join our team. As a key member of our IT Compliance & Governance Security team, you will play a critical role in maintaining and improving our IT risk management framework, managing IT exceptions, and performing 3rd party vendor...
-
Cybersecurity Risk Management Specialist
5 days ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistDomtar Corporation is seeking a highly skilled Cybersecurity Risk Management Specialist to join our team. As a key member of our IT Compliance & Governance Security team, you will play a critical role in maintaining and improving our IT risk management framework, managing IT exceptions, and performing 3rd party vendor...
-
Operational Risk Manager
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing our 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Operational Risk Manager
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing our 2nd line of defense processes, policies, and tools for our data and technology environments.Key...
-
Cybersecurity Risk Management Specialist
2 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management strategy at Domtar Corporation. This position involves refining the IT risk management framework, overseeing IT exceptions, and conducting...
-
Cybersecurity Risk Management Specialist
1 month ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This role involves the ongoing maintenance and enhancement of the IT risk management framework, overseeing IT...
-
Cybersecurity Risk Management Specialist
1 month ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management strategy at Domtar Corporation. This position involves refining the IT risk management framework, overseeing IT exceptions, and conducting...
-
Cybersecurity Risk Management Specialist
2 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This role involves the ongoing maintenance and enhancement of the IT risk management framework, overseeing IT...
-
Cybersecurity Risk Management Specialist
2 weeks ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the Manager of IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This includes the upkeep and refinement of the IT risk management framework, overseeing IT exceptions,...
-
Cybersecurity Risk Management Specialist
1 month ago
Montreal, Quebec, Canada Domtar Corporation Full timeCybersecurity Risk Management SpecialistIn collaboration with the Manager of IT Compliance & Governance Security team, the Cybersecurity Risk Management Specialist will play a vital role in enhancing the IT risk management practices at Domtar Corporation. This includes the upkeep and refinement of the IT risk management framework, overseeing IT exceptions,...
-
Operational Risk Manager
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing effective cybersecurity risk management processes, policies, and tools to protect our data and...
-
Operational Risk Manager
3 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our organization, you will play a critical role in defining and implementing effective cybersecurity risk management processes, policies, and tools to protect our data and...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our team at SGS Société Générale de Surveillance SA. As a key member of our Risk Management Department, you will play a critical role in evaluating and mitigating cybersecurity risks across our organization.ResponsibilitiesConduct thorough risk assessments and develop...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our team at SGS Société Générale de Surveillance SA. As a key member of our Risk Management Department, you will play a critical role in evaluating and mitigating cybersecurity risks across our organization.ResponsibilitiesConduct thorough risk assessments and develop...
-
Operational Risk Manager
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our Risk Management team, you will play a critical role in evaluating and managing cybersecurity risks across the organization.Key ResponsibilitiesPerform full range of...
-
Operational Risk Manager
2 weeks ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our Risk Management team, you will play a critical role in evaluating and managing cybersecurity risks across the organization.Key ResponsibilitiesPerform full range of...
-
Cybersecurity Risk Management Specialist
1 month ago
Montreal, Quebec, Canada Domtar Full timeJob Overview The Cybersecurity Risk Management Specialist will play a vital role in supporting the IT Compliance & Governance Security team at Domtar. This position is essential for enhancing the IT risk management framework, overseeing IT exceptions, and conducting assessments of third-party vendors. The specialist will engage in both Business and IT...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our team at SGS Société Générale de Surveillance SA. As a key member of our Risk Management Department, you will play a critical role in identifying, assessing, and mitigating cybersecurity risks across our organization.ResponsibilitiesDevelop and implement comprehensive...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our team at SGS Société Générale de Surveillance SA. As a key member of our Risk Management Department, you will play a critical role in identifying, assessing, and mitigating cybersecurity risks across our organization.ResponsibilitiesDevelop and implement comprehensive...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our team at SGS Société Générale de Surveillance SA. As a key member of our Risk Management Department, you will play a critical role in evaluating and mitigating cybersecurity risks across our organization.ResponsibilitiesPerform comprehensive risk assessments and develop...
