Vulnerability Management Officer

ABOUT THE JOB:The Group Chief Operating Office (GCOO)’s vision is to enable best-in-class operational excellence across the Group leveraging Technology (Digital, Data, and AI) and Talents. Group COO functions are the foundations that will enable and support business efficiency, differentiation, and development. GCOO leverages its 5 Functions to meet strategic ambitions: Information Systems, Real Estate, Sourcing, Group Data Office & Global Solution Center.As a Vulnerability Management Officer, you will oversee the vulnerability management and configuration management program for the AMER region. This role demands excellent communication skills, both written and verbal, along with the ability to influence others effectively. The ideal candidate will demonstrate practical expertise in executing a robust vulnerability and/or configuration management program, including timely responses to emerging threats in the financial services sector. This position requires strong technical analysis capabilities and a knack for process improvement, coupled with the skill to present program status and enhancement proposals to senior management.What will be your DAY-TO-DAY?Vulnerability & Configuration Management:Lead AMER vulnerability & configuration programs, overseeing risk, patching, and remediation.Manage discovery, evaluation, and implementation of scanning, patching, and testing.Provide quarterly updates to senior management and align initiatives with InfoSec and business objectives.Conduct comprehensive vulnerability and patching reviews, reporting issues, and proposing solutions.Review and approve improvement recommendations and communicate emerging threats.Enhance reporting framework to provide regular metrics and statistics, reporting to key stakeholders.Skills and Qualifications:Knowledge and Experience:4-5 years of information security experience, with hands-on expertise in vulnerability management.Strong communication skills, capable of presenting to various levels, from technical to senior management.Proficiency in MS Office suite.Strong analytical, problem-solving, and process improvement skills.Familiarity with tools like Qualys, Windows Defender, or equivalent for vulnerability management preferred.Understanding of security best practices and risk assessment preferred.Education/Certifications:Bachelor's degree in Cybersecurity, Computer Science, or Business Management, or equivalent experience.Preferred certifications: CISSP, CCSP, CISM, GSEC, CEH, or related security certifications.Languages: French and English.Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.OUR BENEFITS:Competitive compensation & benefits offering, including but not limited to:Minimum of 20 vacation days + 4 personal days.Supportive maternity, paternity, parental, and adoption leave policy.Health spending ($2,000/year) and personal spending ($1,000/year) accounts with 75+ eligible reimbursement categories (health, training, electronics, etc.).Fully sponsored virtual healthcare assistance and Employee Assistance Program to you and your immediate family.Various Employee Resource Groups (ERG) to engage with such as Pride and Allies, American Women Network, Black Leadership Network, One planet, etc.A culture of continuous development by encouraging our employees through various training programs (online training and coaching platform such as Coursera, GoFluent, Pluralsight, First Finance, and others).OUR CULTURE:At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit, and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes.HYBRID WORK ENVIRONMENT:Societe Generale offers a hybrid work arrangement that offers employees the flexibility to work remotely, as well as on-site, in order to promote interaction and collaboration with colleagues while adhering to all SG standard protocols. Hybrid work arrangements vary based on business area. The applicable business lines will determine and communicate the work arrangements that best meet their business needs. #J-18808-Ljbffr