TASKS AND RESPONSIBILITIES The IS Auditor - VP of Audit is highly involved in all stages of the audit process. His primary responsibilities within the Internal Audit Department include but are not limited to the following:
Lead all types of IS/IT audits typically in New York, and across the whole region when required, as part of either dedicated audits of IS/IT functions or as part of integrated audit conducted in conjunction with the business/financial auditors.
Assume primary responsibility for audits or for specific areas within larger audits (i.e. integrated or global), specifying audit scope, resource requirements, time-scales and deliverables.
Ensure the successful execution and reporting of missions for which specific responsibility is assigned.
Write clear and impactful reports that provide added value to senior management. During the writing stage, ensure that Audit management comments are relevant and respond directly to the questions that are being raised.
Contribute actively to business audits, in order to identify IS/IT stakes within complex business topics.
Maintain a regular communication with audited entities/departments' management.
Assume prime responsibility for the diligent follow-up of audit recommendations raised with the functions, while audit clearance supervisor signs off audit recommendations in the tracking tool.
Ensure that Audit management is informed, on a timely basis, of all significant issues arising from missions and of any event that may have an impact on the Company.
Contribute to the periodic evaluation of the firm's risk assessment, both annually and in conjunction with each review performed.
Assist with the development of risk assessment/diagnostics, internal control evaluations, and other processes necessary to determine areas of risk or weakness that will contribute to the development of audit programs.
Special projects and other duties, as assigned.
Maintain a professional and independent image for Internal Audit across the Group.
Ensure that the Internal Audit methodology is adhered to on every mission.
Identify opportunities for improving the audit process and share ideas with Management.
Coach other project team members and ensure that they learn from their work and develop their competencies.
Although there is minimal travel, candidates must have the ability to travel for periods of 1-3 weeks (typically) when required (USA, Canada, Brazil, and France). The department uses a risk-based approach to Internal auditing, and does not rely on pre-defined check lists. Auditors operating at the senior level are expected to have a high degree of technical proficiency and personal skills to critically analyze complex topics in deep. Out-of-the-box thinking is encouraged.
Experience preferred in audits covering cybersecurity, infrastructure and AML/ payment processing.
Deep knowledge of several IS/IT areas, notably: governance, projects, developments and SDLC, production, security, risk management, disaster recovery planning, and technical infrastructure components.
Knowledge of IT Security concepts, familiarity with vulnerability testing and awareness of security exploits
Familiarity with one or more security and control frameworks such as ISO 17799, COBIT, COSO, Common Criteria, FFIEC, etc.
Risk oriented knowledge of Infrastructure components, such as: Database management systems (e.g., DB2, SQL Server and Oracle), major computing platforms (Windows NT/2000, UNIX operating systems) and client/server architectures, commonly used systems and applications, and web-based technologies, Network components (firewalls, routers, switches, IAPs)
Working knowledge of regulations and statutes such as: GLBA, the California Privacy Bill, or the Volker Rule / Dodd Frank Act
Competencies: The IS Auditor - VP of Audit must be able to work independently, meet budgets and deadlines, and be able to manage relationships with auditees and audit counterparts during all stages of the audit. Specifically, the candidate should demonstrate the following skills and competencies: Results Orientation:
Establishes goals, priorities, and realistic plans that maximize the use of resources
Is a self-starter
Has good project management skills (organization and time management)
Demonstrates initiative, integrity, creativity, and a strong desire to learn
Has strong analytical and problem solving skills
Has sound verbal and written communication skills
Attention to detail while maintaining cost/benefit of work performed Client Focus:
Is Service orientated with good interpersonal and negotiation skills Cooperation:
Involves and collaborates with others; shares information; searches for win/win solutions; facilitates resolution of conflict
Is a demonstrated team player
Ability to effectively lead a discussion or meeting at high level. Qualifications: Experience Needed:
Candidate should have at least 7-10 years of information systems experience, with a minimum of 3 years in Information Systems / Information Technology auditing, preferably within banking/financial institutions.
Desired / Plus:
Candidates with IS/IT operational experience or IS/IT consulting experience will be considered in priority.
Educational Requirements: Required:
Bachelor's degree in Computer Science, Information Systems, Information Technology or a business discipline.
Desired / Plus:
ISACA certifications: CISA (or to be obtained quickly after the recruitment).
Other certifications considered a plus: CGEIT, CNE, MCSE, MCP, CCSP, CCIE, CCNA
DEPARTMENT DESCRIPTION Société Générale is a major European financial institution with a global presence, with over 148,000 employees working in 76 countries. Société Générale offers a wide variety of Consumer, Specialized Financial Services and Corporate & Investment Banking services. Within the Americas region, Société Générale has over 3,500 employees. The Inspection and Audit Division (DCPE) represents the independent audit function within Société Générale (SG) Group. The SG Americas Internal Audit Department (DCPE/AUD/GBI/AME) is a group of about 50 professionals, located in New York, Chicago and Sao Paulo. The Department is organized into several business line and information systems/technology (IS/IT) focused audit teams. The Americas IS/IT Audit team is a team of 10 auditors that focus on the review of information systems (primarily GBIS/ITEC) and technology services (primarily RESG/GTS) across the region. The Americas Audit team is responsible for the audits of all SG business activities in the region, and their related support functions:
Global Banking and Investor Solutions (GBIS). GBIS offers solutions for its clients by capitalizing on its worldwide expertise in corporate & investment banking, private banking, asset management (Lyxor Inc) and custodian services. For the Americas region, GBIS is headquartered in New York with a significant presence in Chicago. In the Americas, GBIS is primarily focused on corporate & investment banking:
MARK - Global Markets (equities, fixed income, currencies, commodities, prime brokerage).
LYXOR - Asset managementand advisory solutions, in all asset classes, to investors.
CORI & GLFI - Global Finance offer global advisory and coverage to clients, and structured finance and capital raising solutions.
International Banking and Financing Services (IBFS). IBFS offers services to its clients in the US (New York), Brazil (Sao Paulo) and Mexico (Mexico City) including consumer finance, equipment finance and vehicle finance.
Global Transaction & Payment Services (GTPS). GTPS provides clearing and cash management services in the US and Trade Finance services in Brazil.
All our positions are open to people with disabilities
Job code: 19000DTY Business unit: SG AMERICAS OPERATIONAL SECURITIES Starting date: Immediate Date of publication: 21/08/2019
Internal Number: 6292098
About SOCIETE GENERALE
eFinancialCareers is a career site specializing in financial services.