IT Auditor

Overview

Société Générale (SG) is a top-tier global European bank, headquartered in France, with 120,000 employees serving 26 million clients in more than 62 countries. We have been supporting the development of our economies for more than 160 years by providing our corporate, institutional and individual clients with a broad array of value-added financial solutions and advisory services. Our longstanding relationships of trust with clients, our cutting-edge expertise, our unique ability to innovate, our ESG capabilities and our leading franchises are part of our DNA and serve our core objective: to create sustainable value for all our stakeholders. The Group operates in three complementary business areas, incorporating ESG offers for all its clients.

• Global Banking and Investor Solutions, the Wholesale Banking arm of SG, is a top-tier player providing large corporates and investors with tailormade solutions with unique global leadership in equity derivatives, structured finance and ESG;
• French Retail Banking, Private Banking & Insurance, comprises the core of retail banking, private banking, insurance activities, and the leading online banking activities;
• Mobility, International Retail Banking & Financial Services, includes universal banks that are well-established on their local markets, Ayvens, a global player in sustainable mobility, as well as specialized financing activities.

In the Americas specifically, SG consists of U.S. and Canadian subsidiaries, branches and representative offices, as well as branches, subsidiaries and representative offices in Brazil, Chile, Mexico and other countries in Latin America relating to the Wholesale Banking Division of SG (collectively, “SG Americas”).

The SG Internal Group Audit Division (IGAD) represents SG’s independent internal audit function, comprised of over 1,200 professionals covering SG's global business and services in over 150 countries. Moreover, we have a dedicated team of about 60 professionals to cover SG Americas, SG Internal Audit Americas (“SGIAA”). The team is composed of individuals with diverse backgrounds and subject matter expertise based in New York, Sao Paulo, and the newly formed team in Montreal.

SGIAA conducts independent audits of operational entities in an objective, thorough and impartial manner in line with professional standards. In addition, SGIAA assesses the compliance of the Group's operations, the effective level of risk exposure and management, the adequate enforcement of procedures and the effectiveness and relevance of the permanent control set-up.

Role & Responsibilities

The IT Auditor Associate will be part of the Internal Audit IT Team covering Information Technology systems, Cyber Security and Data Management functions. The Associate is expected to have a high degree of independence and autonomy and participates in all stages of the audit process, under the supervision of the head of assignment. The candidate’s primary responsibilities will be to assist in:

• Participate in all types of regional or global IT audits, as part of either dedicated audits of IT functions or as part of integrated audits conducted in conjunction with the business/financial auditors.
• Independently and autonomously participate in the audit process: create diagnostic matrix with proposed processes and controls for review, identify use cases for data quality testing and relevant sampling strategies, provide concise and comprehensive debriefing presentation for IGAD management and auditees.
• Ensure that Audit management is informed, on a timely basis, of all significant issues arising from missions and of any event that may have an impact on the company.
• Write clear and impactful findings and audit reports that provide added value to the organization.
• Perform diligent follow-up of audit recommendations and action plans.
• Contribute to the development of risk assessment, internal control evaluations, and other processes necessary to determine areas of risk or weakness that will contribute to the development of audit plan and strategy.
• Participate in department-wide transformation projects (data analytics, digital transformation, etc.) and actively contribute, communicate and implement the changes, and support others through the process.

Profile Required

Required Skills and Qualifications:

• Bachelor's degree in Computer Science, Information Systems, Information Technology or a business discipline.
• At least 3 years of information systems experience, preferably within banking/financial institutions.
• Knowledge of cyber security principles, practices, and technologies.
• Knowledge of one or more IS/IT areas: governance, projects, developments and SDLC, production, security, risk management, disaster recovery planning, and technical infrastructure components.
• Familiarity with IS/IT processes (incident management, change management, release management, configuration management, etc.).
• Knowledge of IT security concepts, familiarity with vulnerability testing and awareness of security exploits.
• Familiarity with infrastructure components, such as: database management systems (e.g., DB2, SQL Server and Oracle), major computing platforms (Windows NT/2000, UNIX), client/server architectures, commonly used systems and applications, and web-based technologies, network components (firewalls, routers, switches, IAPs).
• Proficiency in security assessment tools and methodologies (e.g., vulnerability scanners, penetration testing).
• Understanding of network security, application security, and data protection.
• Familiarity with investment banking/financial services business and products.
• Familiarity with security and control frameworks such as ISO 17799, COBIT, COSO, Common Criteria, FFIEC, etc.
• Familiarity with regulations such as GLBA, the California Privacy Bill, or the Volcker Rule/Dodd-Frank Act.

Language: English communication, both oral and written, is required as the person in this position will need to collaborate with colleagues and partners in the United States.

Due to US Federal Securities law applying to this position, candidates will be required to submit to an enhanced background screening, including fingerprint collection by a third-party vendor selected by FINRA.

Why join us

Our benefits and culture are described below. This includes but is not limited to:

• Competitive compensation & benefits offering, including a minimum of 20 vacation days and 4 personal days;
• Supportive maternity, paternity, parental and adoption leave policy;
• Health spending ($2,000/year) and personal spending ($1,000/year) accounts with 75+ eligible reimbursement categories (health, training, electronics, etc.).
• Fully sponsored virtual healthcare assistance and Employee Assistance Program for you and your immediate family;
• Various Employee Resource Groups (ERG) to engage with such as Pride and Allies, American Women Network, Black Leadership Network, One Planet, etc.;
• Culture of continuous development through training programs (online training and coaching platforms such as Coursera, GoFluent, Pluralsight, First Finance, and others).

Company values and culture:

At Société Générale, we live by our core values of commitment, responsibility, team spirit and innovation. We are engaged and considerate, act ethically and with courage, and focus our talent and energy on collective success. We maximize our ability to serve client needs and anticipate market changes. We are committed to strengthening bonds with colleagues, communities, and the world. For more information about our Culture and Conduct initiatives, please visit our culture page.

Diversity & Inclusion (D&I): Our D&I Mission is to recruit, develop, advance, and retain a diverse workforce. Our D&I Vision includes an engaged, demographically diverse workforce, an inclusive culture, and engagement with our community and marketplace. More information about our D&I initiatives is available on our site.

Hybrid Work Environment: SG offers a hybrid work arrangement with remote and on-site options. Specific arrangements vary by business area and will be communicated by the applicable business lines.

#J-18808-Ljbffr