Societe Generale · 1 week ago
Operational Risk Manager/Technology, BCM and Data Mgt. Risk
New York, United States
Full-time
Hybrid
Senior Level
$171K/yr - $325K/yrSociete Generale is a global leader in financial services, and they are seeking an Operational Risk Manager to oversee technology, business continuity, and data management risks. The role involves engaging with senior leadership, driving strategic decisions, and fostering a risk-aware culture across the organization.
Asset ManagementBankingFinancial ServicesInsurancePersonal Finance
Responsibilities
As part of second line of defense, providing independent review and challenge of first line of defense’s assessments e.g. RCSA, IT Risk Assessment
As part of second line of defense, gather relevant loss data and other evidence to use during its challenge function and prepares periodic reports on internal operational risk events for the operational risk governing committees
As part of second line of defense, define, manage, and challenge the first line of defense execution of the KRI Program
Working with SG Americas Enterprise Risk Management to assist in setting, reviewing, and maintaining the operational risk appetite or tolerances
Analyzing and reporting the operational risk exposure in SGAMER, including summary information on loss events, risk assessments, and emerging risks
Establishing and setting strategic direction for policies and standards of SG AMER operational risk management framework (keeping in line with global policies) and assessing adherence
Implementing and executing the infrastructure (key components) that facilitates identification, measurement, monitoring, mitigation, reporting and escalation of operational risk
Modifying the framework components in response to the changing (business and regulatory) environment and lessons learned
Defining Operational Risk Management decision and escalation paths for breaches, information, and approvals
Directing and coordinating with 1LOD operational risk managers to ensure consistent, sustainable implementation of the Framework
Reinforcing and directing Operational Risk Management culture set by senior management and the SGUS Executive Management Committee
Providing subject matter guidance on training development/content including identification of suggested Operational Risk training
Providing oversight of operational risk management processes and governance, so they are functioning as designed, objectives are met, and appropriate actions are taken to address and remediate gaps
Performing 2LOD Targeted Reviews on a continuing basis in line with current SGAMER requirements
Performing the Review and Challenge of risk issues and their corresponding action plans including but not limited to Self-Identified Issues, Compliance Identified Issues, RISQ Identified Issues, Audit Identified Issues and Regulator Identified Issues
Review and Challenge of the Algo Model Operational Control Documents for any new Algo’s as a pre-condition as they are presented at the relevant committees for approval
Review and Challenge of the Algo Model Operational Control Inventory on an annual basis
Review and Challenge of the Algo Model Operational Control Documents on an annual basis
Review and Challenge 1LoD on their compliance with Laws, Rules and Regulations
Review and Challenge the Public Cloud migration and Key Projects for respective risks
Qualification
Required
Proficient understanding of financial services, particularly in risk and regulatory domains
This role requires a comprehensive understanding of technical concepts, coupled with familiarity with related technologies, infrastructure, and a strong conceptual knowledge of enterprise IT system operations, business continuity and data management lifecycle management
Extensive knowledge of emerging technology and data risks in the areas of Artificial Intelligence, Machine Learning, and Quantum Computing
This role requires a highly meticulous and detail-oriented individual who can effectively manage multiple tasks simultaneously
Strong leadership skills, including the ability to lead through influence
Experience in assessing design and operating effectiveness of technology controls
Data architectures including reference/master data, transactions/messaging, and unstructured content
Operational risk framework components including loss data collection, RCSA, process/risk/controls
Experience leveraging IT risk frameworks such as: COBIT5, COSO, ISO27001, NIST and/or data management frameworks i.e., DCAM/CMM-DMM
Expertise in financial regulations (BCBS 239, SR 11-7, Volcker Rule)
Hands-on experience with GRC tools (i.e., Archer)
Ability to analyze root causes of issues and documenting remediation
Diligence and persistence in the face of organizational crosswinds
Strong technology experience in implementation of data architecture and building data quality controls
Extensive technical skills and expertise in business continuity, and data management include core technology operational processes and controls such as IT production incidents, change management, problem management, cloud computing, job scheduling, backup and recovery, business continuity and disaster recovery, operational resiliency, information security, and the data management lifecycle including data quality risks
Familiarity with data management lifecycle processes, concepts, controls, and tools; SAS, Collibra, Informatica, Hadoop, relational databases etc. would be desirable
Familiarity with risk technology and assessment tools
Hands-on application development life-cycle practices
Experienced in integrating vulnerability and patch management tools with IT/IS risk programs, as well as prioritizing and communicating vulnerability remediation efforts
Skilled in performing root cause analysis for technology incidents
Experienced in developing or defining requirements for GRC (Governance, Risk, and Compliance) management tools
Proficient in Microsoft Office Suite, including Excel, Word, Access, PowerPoint, Outlook, and SharePoint
Strong written and verbal communication skills
Worked in Infrastructure and/or Security Operations – 1LOD
Demonstrated effective communication at Senior Management level
Bachelor and or master's degree in computer science, Engineering or relevant technical field
Strong background in control evaluation, life-cycle management, and technology
Background in GRC tool development, implementation and governance
Background in SR11-7 Compliance
Experience in software development of transactional and analysis/reporting
IT Risk management or governance certifications (CGEIT, CRISC, CISA)
Previous work within Risk and/or Finance
Experience in leading regulatory remediation efforts
Preferred
Preferably worked in Financial Services/ Banking industry
Preferably also worked in a 2LOD Cyber Security Risk function
Benefits
401(k) plan with company match
Medical/dental/vision
Benefits for fertility
Wellness
Student loans
Commuters
Company
Societe Generale
Societe Generale is a financial services organization that offers retail, corporate, and investment banking services.
Founded in 1864
10001+ employees
H1B Sponsorship
Societe Generale has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (9)
2024 (9)
2023 (4)
2022 (7)
2021 (18)
2020 (19)
Funding
Current Stage
Public CompanyTotal Funding
$111.84M2024-07-15Post Ipo Debt· $26M
2023-12-04Post Ipo Debt· $10.84M
2021-10-01Post Ipo Debt· $15M
Leadership Team
Jerome Niddam
CEO, Asia Pacific
Stephane About
Chief Executive Officer
Recent News
Business Standard India
2026-01-09
Business Standard India
2026-01-09
Company data provided by crunchbase