IT Auditor

Responsibilities

Société Générale (“SG”) is a top-tier global European bank, headquartered in France, with 120,000 employees serving approximately 26 million clients across more than 62 countries. We have supported economic development for over 160 years by providing a wide range of financial solutions and advisory services to corporate, institutional, and individual clients.

Our core values include long-standing client relationships, cutting-edge expertise, innovation, ESG capabilities, and leading franchises, all aimed at creating sustainable value for stakeholders.

The Group operates in three key business areas with ESG offerings for all clients:

• Global Banking and Investor Solutions: the Wholesale Banking arm, offering tailored solutions with leadership in equity derivatives, structured finance, and ESG.
• French Retail Banking, Private Banking & Insurance: focusing on retail banking, private banking, insurance, and online banking.
• Mobility, International Retail Banking & Financial Services: includes local market banks, Ayvens in sustainable mobility, and specialized financing.

In the Americas, SG comprises U.S. and Canadian subsidiaries, branches, and offices in Brazil, Chile, Mexico, and Latin America, mainly within Wholesale Banking.

The SG Internal Group Audit Division (IGAD) is an independent internal audit function with over 1,200 professionals in more than 150 countries. SGIAA, dedicated to the Americas, has about 60 professionals based in New York, Sao Paulo, and Montreal, conducting audits to assess operational and compliance risks.

1. ROLE & RESPONSIBILITIES

The IT Auditor Associate will join the Internal Audit IT Team, focusing on IT systems, Cyber Security, and Data Management. The role requires independence and participation in all audit stages under supervision.

The main responsibilities include:

• Participating in regional and global IT audits, both dedicated and integrated with other audit functions.
• Independently conducting audit activities: creating diagnostic matrices, identifying use cases for data testing, and preparing debriefings.
• Keeping management informed of significant issues and events.
• Writing clear audit findings and reports that add value.
• Following up on recommendations and action plans.
• Contributing to risk assessments and control evaluations.
• Supporting departmental transformation projects like data analytics and digital initiatives.

Profile required

Required Skills and Qualifications:

• Bachelor's degree in Computer Science, Information Systems, IT, or related business discipline.
• At least 3 years of experience in information systems, preferably in banking/finance.
• Knowledge of cybersecurity principles, practices, and technologies.
• Understanding of IS/IT areas: governance, SDLC, security, risk management, disaster recovery, infrastructure.
• Familiarity with IT processes: incident, change, release, configuration management.
• Knowledge of security concepts, vulnerability testing, and exploits.
• Experience with infrastructure components: databases (DB2, SQL Server, Oracle), platforms (Windows, UNIX), network devices (firewalls, routers).

• Proficiency with security assessment tools and methodologies.
• Understanding network, application security, and data protection.
• Familiarity with financial services business and products.
• Knowledge of security frameworks (ISO 17799, COBIT, COSO, etc.) and regulations (GLBA, California Privacy, Volcker Rule).

Language: Ability to communicate fluently in English, both orally and in writing, is essential for collaboration with US colleagues and partners.

Note: Candidates will undergo enhanced background screening, including fingerprinting, due to US securities law requirements.

Why join us

Our Benefits:

Competitive compensation & benefits, including:

• Minimum 20 vacation days + 4 personal days
• Supportive maternity, paternity, parental, and adoption leave policies
• Health and personal spending accounts with reimbursements for various categories

Virtual healthcare assistance and Employee Assistance Program for employees and families.

Employee Resource Groups (ERGs) like Pride, Women Network, Black Leadership Network, etc.

Focus on continuous development through online training platforms (Coursera, Pluralsight, etc.).

Societe Generale is committed to inclusive recruitment and offers accommodations during the process.

Our Culture: We uphold values of commitment, responsibility, teamwork, and innovation, fostering an ethical, courageous, and collaborative environment. We aim to serve clients effectively and anticipate market changes.

Diversity & Inclusion: Our mission is to recruit, develop, and retain a diverse workforce, fostering an inclusive culture that reflects community diversity and meets client needs. Details at our website.

Hybrid Work Environment: We offer flexible remote and on-site work arrangements tailored to business needs, promoting collaboration while adhering to health protocols.