IT Risk & Process Officer

Environment

Societe Generale is one of the leading European financial services groups. Founded in 1864, we have been playing a vital role in the economy for over 150 years. With more than 148,000 employees based in 76 countries worldwide, we accompany 32 million clients throughout the world on a daily basis. Based on a diversified universal banking model, the Group combines financial strength with a strategy of sustainable growth.

Our expertise in the Asia Pacific region ranges from Corporate & Investment Banking (Advisory, Financing and Global Markets) to Trade Finance and Cash Management Services. Leveraging on our formidable global footprint, we serve Corporates, Financial Institutions and the public sector. With our regional headquarters in Hong Kong, we operate in 11 countries across Asia Pacific, including Beijing, Seoul, Tokyo, Singapore, Mumbai, Sydney and other locations in the region.

Within Société Générale Corporate & Investment Banking (SGCIB), you will join the Information Technologies (ITEC) department. ITEC is in charge of providing other departments with the Information System support. In every SG CIB's implantation all over the world, ITEC produces and manages high quality and competitive tools respecting technology and cost standards.

Mission

Summary of Roles and Responsibilities

IT Risk Officer

• IT Risk Management and Permanent Control Transformation program management for the region
• Work with Global team(s), especially Paris, to setup program planning and scoping for the region
• Assist ITEC teams for design and deployment of the required controls and risk management framework
• Work with our partners - GTS, ROCS & RISQ/OPE to define and roll out the process for the region
• Communicate and report regularly and proactively on projects progression, and potential issues requiring escalations to management.
• Coordinate within ITEC (and potentially also GTS) the review and execution of operational / managerial supervision controls to ensure adequate risk coverage and compliance with global / local regulations;
• Follow-up the correction of managerial supervision anomalies and action plans
• Risk Control Self-Assessment (RCSA) for ITEC (and potentially also GTS) in Asia
• Interface with stakeholders at all levels, from technical engineers to senior management
• Work closely with other risk and security departments, including all 3 lines of defence
• Facilitate and coordinate Audit and Inspection missions.
• Be the liaison / proxy between Paris and Asia on all IT Risk Management topics.

IT Process Officer

• Be the expert in ITIL Framework in Asia and promote its adaptation via training & education to others.
• Active participation in the Steering & Reporting of IT Production Governance for ITEC & GTS organization in Asia.
• Propose Improvement on the Steering & Reporting with innovative ideas, while realizing these improvements via Technical approach (Automation & Tools Enhancement) and/or Process Simplification etc.
• Be Technically & Functionally familiar with Global Tools used for IT Production Governance in ITEC & GTS Asia.
• Be part of the Major Incident Management team for IT Asia and participate in Shift for proper FTS (Follow-The-Sun) Support of it.

Level of Autonomy and Authority

A high degree of autonomy is expected of this role. This position will need to be able to make professional judgement on his scope of responsibilities with minimal supervision, will need to be able to deal with senior management at the C-Level, liaise with the Regulators when required, and interface with other control functions like Compliance, Risk, Audit and ROCS.

He / she will need to use his / her professional knowledge to proactively advise the ITEC management, and other stake holders, to improve the operational risk level of ITEC in specific and Societe Generale overall.

As the liaison / proxy between Paris and Asia on all IT Risk Management Topics, he / she needs to influence Paris to ensure the Global Policy in place is adequate while applicable to Asia, with constraints of various Local Regulations.

Profile

Competencies

Education
- Bachelor Degree

Knowledge & Skillsets (Must)
- Strong Knowledge in ITIL / ITSM
- Knowledge around IT Risk Management, especially COBIT v5
- Knowledge and experience in a banking environment
- Good skills in Microsoft office, especially Excel (including Macro)

Knowledge & Skillsets (Plus)
- Knowledge and experience in Production Support, Software Development, IT infrastructure (speak the language, expertise is not required)
- Knowledge in IT Security.
- Scripting Skill in Python, VBA, PHP etc.

Soft Skills
- Good verbal, written, and interpersonal communication skills
- Able to organize time, multitask, and define priorities (autonomy)
- Able to interact with all level of the organization from operators to executive management members
- Must be able to work collaboratively within a complex organization, across multiple cultures, geographies and disciplines

Language
- English proficiency required - other spoken languages in the region or French is a plus.