Operational Risk Manager – Cybersecurity Risks
2 days ago
The Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our Risk Management team, you will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization.
Key Responsibilities- Perform full range of technology and information and cyber security risk management lifecycle activities, including risk identification, assessment, reporting, and oversight of remediation planning and execution.
- Partner with Chief Information Security Officer (CISO), and IT organizations to establish standards, policies, and develop KRIs and KPIs for measuring and monitoring cyber risks on a continuous basis.
- Develop and manage Information Technology & Information Security Risk Program, using standard risk taxonomy, such as FAIR.
- Provide and perform independent assurance and validation activities over common cybersecurity controls that include both administrative and technical.
- Assess the accuracy, completeness, and sufficiency of the risk management governance framework, processes, and methodologies. Identify and define emerging cyber threats and risks to SG's environment.
- Perform effective challenge of all critical and highly sensitive processes & controls, and business continuity.
- Develop cyber security risk scenarios to identify potential attack vectors and TTP (tactics, techniques, and procedures) to guide the continuous improvement of the firm's cyber defense posture. Lead and support selected cyber security remediation efforts, involved with strategic planning with 1LOD.
- Recommend enhancements to data & technology architectures, processes, and controls to improve cybersecurity, data, and technology risk management capabilities for high-risk processes, regulatory reporting, and risk oversight.
- Develop and roll-out tools for the aggregation and surveillance of cybersecurity risk, data risk & technology risk.
- Identify legal, regulatory, and contractual requirements, and organizational policies and standards related to data management systems to determine their potential impact on the business objectives.
- Expand operational risk processes, data collection, and issues management tools to track and report data related operational risks and issues.
- Participate in and review data breaches and technology incident/response escalation processes.
- Develop operational resiliency scenarios for stress testing and capital planning activities.
- Lead or support selected cybersecurity remediation efforts.
- Bachelor and/or master's degree in computer science, Engineering, or relevant technical field.
- Understanding of financial services specifically within cyber and data privacy related laws, regulations, frameworks, and guidelines (NYSDFS - 23NYCRR500, ECB, GDPR, GLBA, Regulation S-P, etc.).
- Experience in assessing design and operating effectiveness of technology controls.
- Solid foundation in information technology and information security principles. Familiar with common cybersecurity frameworks and standards such as NIST SP 800-53, NIST CSF, Mitre Attack, FFIEC CAT, CSC Top 20, COBIT, ISO 27000 series.
- Previous working experiences in cybersecurity operation and relevant security design knowledge.
- Previous work within Risk and/or Information Security/Cyber Security. Ideally, has worked in a 2 LOD Cyber Security Risk function.
- Background in IT Risk Assessment, IT Audit, Information security management.
- Experience integrating vulnerability and patch management tools with IT/IS risk program. Furthermore, communicate and determine vulnerability remediation priorities.
- Knowledge of US IT Security regulatory requirements and environment in financial services industry a plus (i.e. FFIEC, FINRA rules, SEC, NIST cybersecurity frameworks).
- Strong leadership skills with ability to lead by influence.
- IT Risk management or governance certifications (CGEIT, CRISC, CISA).
- CISSP, CISM, or CISA certifications.
Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.
Why Join UsAt SGS Société Générale de Surveillance SA, we offer a hybrid work arrangement that offers employees the flexibility to work remotely, as well as on-site, in order to promote interaction and collaboration with colleagues while adhering to all SG standard protocols. Our benefits include a minimum of 20 Vacation days + 4 personal days, supportive Maternity, paternity, parental, and adoption leave policy, health spending ($2,000/year) and personal spending ($1,000/year) accounts with 75+ eligible reimbursement categories, fully sponsored virtual healthcare assistance and Employee Assistance Program to you and your immediate family, various Employee Resource Groups (ERG) to engage with, and a culture of continuous development by encouraging our employees through various training programs.
-
Operational Risk Manager Cybersecurity Risks
3 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Societe Generale de Surveillance SA is seeking a Cybersecurity Risk Manager to join their team. As a key member of the department, you will contribute to the sustainable growth of the company through your expertise in risk management and cybersecurity.ResponsibilitiesEvaluate overall cybersecurity risk and...
-
Operational Risk Manager Cybersecurity Risks
3 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Societe Generale de Surveillance SA is seeking a Cybersecurity Risk Manager to join their team. As a key member of the department, you will contribute to the sustainable growth of the company through your expertise in risk management and cybersecurity.ResponsibilitiesEvaluate overall cybersecurity risk and...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization.Key ResponsibilitiesPerform...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating overall cybersecurity risk, maintaining an active view, and reporting on the actual, mitigated, and residual cybersecurity risk in the organization.Key ResponsibilitiesPerform...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management team at SGS Société Générale de Surveillance SA. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesPerform comprehensive risk assessments to identify and mitigate...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management team at SGS Société Générale de Surveillance SA. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesPerform comprehensive risk assessments to identify and mitigate...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management team at SGS Société Générale de Surveillance SA. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesEvaluate and assess cybersecurity risks to identify potential...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management team at SGS Société Générale de Surveillance SA. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesEvaluate and assess cybersecurity risks to identify potential...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesPerform comprehensive risk assessments to identify and mitigate cybersecurity threats.Develop and...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesPerform comprehensive risk assessments to identify and mitigate cybersecurity threats.Develop and...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management team at SGS Société Générale de Surveillance SA. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesPerform comprehensive risk assessments to identify and mitigate...
-
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management team at SGS Société Générale de Surveillance SA. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesPerform comprehensive risk assessments to identify and mitigate...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our Risk Management Department, you will play a critical role in helping us achieve our mission of sustainable growth through risk management expertise.ResponsibilitiesThe...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleThe Risk Management Department at SGS Société Générale de Surveillance SA is seeking a highly skilled Cybersecurity Risk Manager to join our team. As a key member of our Risk Management Department, you will play a critical role in helping us achieve our mission of sustainable growth through risk management expertise.ResponsibilitiesThe...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department at SGS Société Générale de Surveillance SA. As a key member of our team, you will play a critical role in evaluating and managing cybersecurity risks across our organization.ResponsibilitiesThe successful candidate will be responsible...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department at SGS Société Générale de Surveillance SA. As a key member of our team, you will play a critical role in evaluating and managing cybersecurity risks across our organization.ResponsibilitiesThe successful candidate will be responsible...
-
Cybersecurity Risk Manager
1 week ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.Key ResponsibilitiesPerform comprehensive risk assessments and develop strategies to mitigate cybersecurity...
-
Cybersecurity Risk Manager
1 week ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.Key ResponsibilitiesPerform comprehensive risk assessments and develop strategies to mitigate cybersecurity...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesEvaluate and assess cybersecurity risks, identifying potential threats and vulnerabilities.Develop and...
-
Cybersecurity Risk Manager
7 days ago
Montreal, Quebec, Canada SGS Société Générale de Surveillance SA Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Risk Manager to join our Risk Management Department. As a key member of our team, you will be responsible for evaluating and managing cybersecurity risks across our organization.ResponsibilitiesEvaluate and assess cybersecurity risks, identifying potential threats and vulnerabilities.Develop and...
