VP, IT Operational Risk Manager
- London, England, United Kingdom London England GB
- Permanent, Full time
- Société Générale - UK
- 22 Apr 18 2018-04-22
VP, IT Operational Risk Manager
People join for the impact they can have on us. They stay for the impact we have on them. A flatter structure offers visibility and exposure beyond that of our competitors, so you know our names, and we know yours. It's personable, human, and inspires success through passion. By encouraging open mindedness and a willingness to share ideas, we have adapted to market changes and thrived through innovation. Bringing words like “hard work” and “dedication” together with “community” and “respect” has enabled us to work collaboratively and build our future together. We call this Team Spirit and it's what makes us different. It's what makes you different.
Description of the Business Line or Department
The Security and Anti Fraud Expertise (‘SAFE') department is responsible for providing oversight and support on all operational risk topics and permanent control frameworks across GBIS.
SAFE's key aims are to:
• Ensure that each Business Line and Support Functions within GBIS manage their operational Risk;
• Set up and maintain Permanent Control Governance, Policies and Standards;
• Implement and coordinate Operational Risk management processes;
• Monitor Operational Risks;
• Challenge controls and controls framework effectiveness;
• Detect and Prevent Fraud and Rogue trading with a dedicated team (including FBK controls);
• Reinforce operational risk management culture;
• Manage IT Security and Cyber-criminality frameworks
• Business Continuity Management.
Summary of the key purposes of the role
SAFE ITS (ITEC and Information Security) is in charge of defining a prevention and detection framework around Information Security and Cyber-Attacks within the GBIS perimeter.
The team is comprised of Operational Security Managers (‘OSM') who are closely aligned to the Information Technology department (‘ITEC'), and assists them in identifying and mitigating their operational risks, and Information Security Correspondent who provides GBIS with a view of their information security risks and defines a strategy to address those identified.
Summary of responsibilities
- Monitor Operational Risks of ITEC;
- Assist business partners in preventing, identifying, managing and mitigating their Operational Risks;
- Set up and maintain Permanent Control Governance, Policies and Standards;
- Produce risk mappings, monitor and provide commentary on key risk indicators and perform spot checks;
- Raise awareness on the organisations risk culture;
- Perform risk assessments (Outsourced Essential Services, New Product committees, RCSA) based upon priorities defined
- Coordinate investigations with other EMEA and regional OSMs
- Ensure operational errors and Incidents are adequately collected into Loss Collection Tool (Caroline)
Level of Autonomy and Authority
Working under the supervision of reporting manager, autonomy to be defined and refined under that supervision.
• Microsoft tools (PowerPoint, Excel, Word)
• Risk analysis methodology
• Knowledge of Information Security standards and best practices (e.g. ISO 27001, etc)
• Good communicant
• Problems solving
• Solutions oriented
• Analytical approach
• Experience in Operational Risk (in an Investment banking would be a big plus)
• Experience in an IT related position
• Experience in Information Security would be a plus
• Master degree or equivalent on Information Technology
• Information Security certifications (e.g. CISSP) would be a plus
• Fluent English,
• French an advantage
If you feel you have the required experience and qualifications, then please apply to the SG Resourcing Team, and we will manage your application. At Societe Generale, we believe our people are our strength and are core to the success of our business. As such, we search for, recruit and appoint the best available person on the basis of aptitude and ability, regardless of sex, marital or civil partnership status, race, colour, nationality, ethnic or national origins, pregnancy, disability, age, sexual orientation, religion, belief or gender reassignment.