Societe Generale is one of the leading European financial services groups. Founded in 1864, we have been playing a vital role in the economy for over 150 years.
With more than 148,000 employees based in 76 countries worldwide, we accompany 32 million clients throughout the world on a daily basis.
Based on a diversified universal banking model, the Group combines financial strength with a strategy of sustainable growth.
Our expertise in the Asia Pacific region ranges from Corporate & Investment Banking (Advisory, Financing and Global Markets) to Asset Management, Securities Services, Trade Finance and Cash Management Services.
Leveraging on our formidable global footprint, we serve Corporates, Financial Institutions and the public sector. With our regional headquarters in Hong Kong, we operate in 11 countries across Asia Pacific, employing over 6,600 employees.
You can find us in Beijing, Seoul, Tokyo, Singapore, Mumbai, Sydney and other locations in the region.
At Societe Generale we have developed and continue to develop advanced programmes to support your career development. A diverse and comprehensive Learning & Development programme, a Junior programme for graduates and a Remuneration policy that stimulates your growth are just a few examples that illustrate how we help you to fulfil yourself personally and professionally, and how we develop your ability to adapt to ever-
changing environments and transform challenges into opportunities. RESG / GTS in Asia currently supports Société Générale’s IT infrastructures including workstations, computing centres, IT & telecom networks, and remains a major player in the group’s digital transition.
GTS works in close liaison with Paris to ensure the service continuity to our clients including GBIS, Securities & Private banking.
With more than 140 staffs onshore and offshore, RESG / GTS / ASI supports around 3000 users.
GTS / SEC is the operational risk management and operational security management function of GTS. Being the first line of defence for Societe Generale, its main objectives includes :
Improve the level of operational risk and security management for GTS
Enhance the tools and processes to meet new challenges in security
Meet regulatory expectation around risk management and Cybersecurity
Raise Security Awareness for SG staffs
Infrastructure Security & Risk projects / program management for the region
Work with Global Team to setup Program / Project planning and scoping for the region
Assist GTS skills teams for design and implantation of required controls and risk management framework
Communicate and report regularly and proactively on projects progression, and potential issues requiring escalations to the management
Work on the regulation Infrastructure related topics (questionnaire, assessment, propose solution and remediation) for RESG / GTS in ASIA
Coordinate within GTS the review and execution of operational / managerial supervision controls to ensure adequate risk coverage and compliance with global / local regulations;
Follow-up the correction of managerial supervision anomalies and action plans
Risk Control Self-Assessment (RCSA) for RESG / GTS in Asia
Follow security incidents and their remediation actions
Familiar with the change management processes
Interface with stakeholders at all levels, from technical engineers to senior management
Work closely with other risk and security departments, including all 3 lines of defence
Vulnerability management : conduct scan; reporting, remediation follow-up
Facilitate and coordinate Audit and Inspection missions
Cyber reporting : Production of various cyber security reporting (KPIs; KRIs). Coordinate GTS contribution to external stakeholders reporting and requests
Be the security Interface with stakeholders at all levels, from technical engineers to senior management locally, regionally and globally
Conduct security & risk awareness training to the Infrastructure teams
Expert knowledge in and IT operational risk management
Expert knowledge and experience in IT security
Knowledge and experience in common SIEM tools and security products
Professional certification recognized by Regulatory bodies like HKMA, e.g. CISM, CISA or CISSP, is mandatory
Knowledge and experience in IT infrastructure (speak the language, expertise not required)
Knowledge and experience in a banking environment will be beneficial but not essential
Familiar with Asia regulations around Cyber Security and Risks related topics will be preferred (such as CRAF for HKMA, TRM for MAS)
Good skills in Microsoft office, especially Excel
Good knowledge of SharePoint architecture and design
Good verbal, written, and interpersonal communication skills
Able to organize time, multitask, and define priorities (autonomy)
Able to interact with all level of the organization from operators to executive management members
Must be able to work collaboratively within a complex organization, across multiple cultures, geographies and disciplines
English proficiency required other spoken languages in the region or French are a plus.