Job Description
ResponsibilitiesABOUT THE JOB:The aim of Global Business Service Unit (GBSU) Canada is to deliver day-to-day services to Société Générale investment and corporate bank units and their clients to accelerate their transformation. GBSU differentiates itself from competitors with the pace of the agile transformation delivered, spreading the technology and data culture, shortening the decision-making process, and adopting a true industrial approach, leveraging on different teams either transversal or aligned to the different sub business units.As the Vulnerability Management Lead, you will oversee the vulnerability management and configuration management program for the AMER region. This role demands excellent communication skills, both written and verbal, along with the ability to influence others effectively. The ideal candidate will demonstrate practical expertise in executing a robust vulnerability and/or configuration management program, including timely responses to emerging threats in the financial services sector. This position requires strong technical analysis capabilities and a knack for process improvement, coupled with the skill to present program status and enhancement proposals to senior management.Preferred qualifications include a working knowledge of cybersecurity and risk assessment frameworks such as NIST, as well as familiarity with financial industry regulations like NYDFS 500, FINRA, and SEC. Reporting to the Director of Cyber Threat Defense (CTD) within the AMER Data and Cyber Security (DCS) department, the Vulnerability Management Lead collaborates closely with GBSU and GTS departments regionally and globally, in addition to engaging with SG CERT, DCS, and GTS teams.What will be your DAY-TO-DAY? Vulnerability & Configuration Management:Lead AMER vulnerability & configuration programs, overseeing risk, patching, and remediationManage discovery, evaluation, and implementation of scanning, patching, and testingProvide quarterly updates to senior management and align initiatives with InfoSec and business objectivesConduct comprehensive vulnerability and patching reviews, reporting issues, and proposing solutionsReview and approve improvement recommendations and communicate emerging threatsEnhance reporting framework to provide regular metrics and statistics, reporting to key stakeholdersProfile requiredSkills and Qualifications:Knowledge and Experience:5-10 years of information security experience, with hands-on expertise in vulnerability managementStrong communication skills, capable of presenting to various levels, from technical to senior managementProficiency in MS Office suiteStrong analytical, problem-solving, and process improvement skillsFamiliarity with tools like Qualys, Windows Defender, or equivalent for vulnerability management preferredUnderstanding of security best practices and risk assessment preferredEducation/Certifications:Bachelors degree in Cybersecurity, Computer Science, or Business Management, or equivalent experiencePreferred certifications: CISSP, CCSP, CISM, GSEC, CEH, or related security certificationsLanguages: French and EnglishAbility to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.Why join usOUR BENEFITS:WHAT WE DO DIFFERENTLY AT SOCIÉTÉ GÉNÉRALECompetitive compensation & benefits offering, including but not limited to:Minimum of 20 Vacation days+ 4personal days Supportive Maternity, paternity, parental and adoption leave policyHealth spending($2,000/year) andpersonal spending($1,000/year)accountswith 75+ eligible reimbursement categories (health, training, electronics etc.)Fully sponsored virtualhealthcare assistanceandEmployee Assistance Programto you and your immediate familyVarious Employee Resource Groups(ERG) to engage withsuch as Pride and Allies, American Women Network, Black Leadership Network, One planet, etc.Aculture of continuous developmentby encouraging our employees varioustraining programs(online training and coaching platform such as Coursera, GoFluent, Pluralsight, First Finance, and others)Business insightOUR CULTURE:At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes. Societe Generale is committed to strengthening bonds with colleagues, communities, and the world in which we live, because relationships are at the heart of how we operate.For more information about our Culture and Conduct initiatives, please visit this link (https://americas.societegenerale.com/en/careers/get-know-culture/)D&I:Our Diversity & Inclusion Mission: Recruit, develop, advance, and retain a diverse workforce that is united in our efforts to enhance our competitive position and deliver innovative solutions to our clients.Our Diversity & Inclusion Vision:• Engaged workforce that is demographically diverse in a way that reflects the communities in which we operate• Inclusive culture and workplace that recognizes employees unique needs and utilizes their diverse talents• Engage our community and marketplace, and position the organization to meet the needs of all its clientsFor more information about our D&I initiatives, please visit this link (https://americas.societegenerale.com/en/societe-generale-about/diversity-and-inclusion/)HYBRID WORK ENVIRONMENT:Societe Generale offers a hybrid work arrangement that offers employees the flexibility to work remotely, as well as on-site, in order to promote interaction and collaboration with colleagues while adhering to all SG standard protocols. Hybrid work arrangements vary based on business area. The applicable Business lines will determine and communicate the work arrangements that best meet their business needs.