Within Societe Generale Global Solution Center (SGGSC), you will join Global Cybersec Capability Centre (G3C) team based out of Bengaluru, working in Third Party Risk Management team to contribute in the information security and risk management practice.

The candidate will be involved in the infosec operations, risk management activities, Third party security and governance. This implies working relations with extended Business lines and IT teams on behalf of G3C team.

The candidate will be working in a high-pressure environment, it calls for assertiveness and flexibility to ensure deadlines are met based on agreements / defined milestones

We are seeking a skilled and experienced Information Security & Risk specialist to join our team. The ideal candidate will have 7-9 years of experience in risk and information security audit, with a focus on third party risk management.

In this role, you will be responsible for conducting risk assessments and audits of the company's information security systems, processes, and controls. You will work closely with the Information Security team and other stakeholders to identify and evaluate potential security risks, and provide recommendations for mitigating and managing these risks.

The main responsibilities as a lead & performer are:

• Perform third party risk assessments
• Design security controls
• Perform infosec audits
• Act as a SPOC for the team
• Work in close coordination with global Function Manager and local line manage

  Responsibilities

• - Continuously evaluate existing security practices, define and measure security-related activities and demonstrating improvements to the sec programs within the organization
  - Work closely with governance, regulatory and compliance to help formulate and implement a strategy for security that is tailored to the specific risks facing the organization
  - Monitor and provide continuous assurance on infrastructure security by leveraging available third party tools while assuring efficacy of controls against policies and certifications in the most automated manner
  - Responsible for building effective working relationships, making sound decisions, successfully making changes, initiating action and achieving results 

- 7-9 years of overall work experience in IT app/ Infrastructure, risk, cybersecurity
- A strong understanding and experience of establishing security governance across an organization
- Conducting risk assessments and audits of the company's information security systems, processes, and controls

- Identifying and evaluating potential security risks, including risks related to third party vendors and partners

- Developing and implementing strategies and processes for managing and mitigating identified risks

- Working with the Information Security team and other stakeholders to implement and maintain security controls and standards

- Providing guidance and support to the Information Security team and other stakeholders on information security best practices and standards

- Developing and maintaining security policies, procedures, and standards

- Reporting on audit findings and recommendations to the Information Security team and other stakeholders

- Keeping up-to-date with the latest developments and trends in information security, risk management, and third party risk management
- Strong a self-starter who has the ability to operate independently and demonstrates complete ownership over assigned objectives in a "semi-structured" environment
- Excellent oral/written presentation skills with ability to communicate effectively with senior executive leadership

At Socit Gnrale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether youre joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating? 
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Groups ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection.

We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

At Socit Gnrale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether youre joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating, and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us!

Still hesitating? 
You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices, and sharing their skills with charities. There are many ways to get involved.

We are committed to support accelerating our Groups ESG strategy by implementing ESG principles in all our activities and policies. They are translated in our business activity (ESG assessment, reporting, project management or IT activities), our work environment and in our responsible practices for environment protection.

Diversity and Inclusion