Investment Banking

Information Security Officer - Banking operations processing - Montreal, Quebec, Canada

at Societe Generale

Mid LevelNo visa sponsorshipCybersecurity

Posted 2 days ago

No clicks

Compensation: Not specified
City: Not specified
Country: Canada

Lead the AMER vulnerability and configuration management programs as part of the Cyber Threat Defense team. Oversee vulnerability scanning, patching/remediation and risk acceptance; manage discovery, evaluation, and implementation of vulnerability scanning and configuration reviews. Present operating and steering committee updates to senior management on a quarterly basis and develop annual roadmaps aligned with overall InfoSec and business objectives. Collaborate across GBSU and GTS departments in the Americas and globally with SG CERT, ISR and GTS teams, and drive improved security metrics reporting to the CISO and other key stakeholders.

{"hiringOrganization":{"logo":"https:\/\/careers.societegenerale.com\/themes\/custom\/sg_careers\/images\/LOGO_Groupe_EN.jpg","@type":"Organization","name":"Societe Generale","sameAs":"https:\/\/careers.societegenerale.com"},"employmentType":"Permanent contract","validThrough":"2026\/02\/23","datePosted":"2026\/01\/14","title":"Information Security Officer - Banking operations processing - Montreal, Quebec, Canada","@context":"http:\/\/schema.org\/","@type":"JobPosting","description":"Responsibilities

The Vulnerability Management Lead is responsible for the AMER region\u2019s vulnerability management and configuration management program. The position requires excellent communication skills (written and verbal) and a strong ability to influence others. The ideal candidate will be able to demonstrate practical and in-depth knowledge of running an effective vulnerability & \/ or configuration management program including dynamically responding to emerging threats in the financial services industry.<\/p>

The role also calls for strong technical analysis and process improvement skills and the ability to present to senior management on the state of, and proposals to improve, the program.<\/p>

Working knowledge of cybersecurity and risk assessment frameworks (e.g., NIST) and regulations applicable to the financial services industry (e.g., NYDFS 500, FINRA, SEC) is preferred.<\/p>

The Vulnerability Management Lead is a member of the Cyber Threat Defense (CTD) team within the AMER Data and Cyber Security (ISR) department and reports to the Director of CTD. This position requires strong collaboration across GBSU and GTS departments in the Americas and globally with SG CERT, ISR and GTS teams.<\/p>

ESSENTIAL JOB FUNCTIONS<\/strong><\/b><\/p>

Vulnerability & Configuration Management<\/strong><\/i><\/b><\/p>

Lead the AMER vulnerability & configuration management programs \u2013 Act as the main point of contact and expert in Vulnerability Management and configuration management; including overseeing the risk of zero-day vulnerabilities, oversee patching\/remediation and risk acceptance of vulnerabilities where appropriate.<\/p><\/li>
Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing.<\/p><\/li>
Present operating and steering committees for projects to senior management on a quarterly basis.<\/p><\/li>
Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives\/strategy.<\/p><\/li>
Develop and manage detailed vulnerability reviews and assessments, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrences.<\/p><\/li>
Review and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects.<\/strong><\/i><\/b><\/p><\/li>
Draft and publish communications for management as new threats emerge.<\/p><\/li>
Improve the reporting framework that will provide regular metrics and statistics about our business and IT environment; analyze trends in security events, activities, etc. to better understand risks, insufficiencies in our solutions, staffing shortages, etc.; report security metrics and statistics to the CISO and other key stakeholders such as the COO, CIO, and CTO.<\/p><\/li><\/ul>Profile required
LANGUAGE:\u00a0<\/strong><\/p>
Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.<\/p>Why join us
OUR BENEFITS:<\/strong><\/p>
WHAT WE DO DIFFERENTLY AT SOCI\u00c9T\u00c9 G\u00c9N\u00c9RALE<\/strong><\/p>
Competitive compensation & benefits offering, including but not limited to:<\/p>
- Minimum of 20 Vacation days\u202f+ 4\u202fpersonal days\u00a0
  Supportive Maternity, paternity, parental and adoption leave policy\u00a0<\/li>
  Health spending\u202f($2,000\/year) and\u202fpersonal spending\u202f($1,000\/year)\u202faccounts\u202fwith 75+ eligible reimbursement categories (health, training, electronics etc.)<\/li><\/ul><\/li><\/ul>
  Fully sponsored virtual\u202fhealthcare assistance\u202fand\u202fEmployee Assistance Program\u202fto you and your immediate family<\/p>
  Various Employee Resource Groups\u202f(ERG) to engage with\u202fsuch as Pride and Allies, American Women Network, Black Leadership Network, One planet, etc.<\/p>
  A\u202fculture of continuous development\u202fby encouraging our employees various\u202ftraining programs\u202f(online training and coaching platform such as Coursera, GoFluent, Pluralsight, First Finance, and others)<\/li><\/ul>Business insight
  Societe Generale is committed to offering an inclusive recruitment experience to all candidates. If you require any reasonable accommodations during the recruitment process, please do not hesitate to let our Recruiters know.<\/p>
  OUR CULTURE:\u00a0<\/strong>
  At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes. Societe Generale is committed to strengthening bonds with colleagues, communities, and the world in which we live, because relationships are at the heart of how we operate. For more information about our Culture and Conduct initiatives, please visit this link (https:\/\/americas.societegenerale.com\/en\/careers\/get-know-culture\/)<\/p>
  D&I:\u00a0<\/strong>
  Our Diversity & Inclusion Mission: Recruit, develop, advance, and retain a diverse workforce that is united in our efforts to enhance our competitive position and deliver innovative solutions to our clients.
  Our Diversity & Inclusion Vision:<\/p>
  Engaged workforce that is demographically diverse in a way that reflects the communities in which we operate<\/li>
  Inclusive culture and workplace that recognizes employees' unique needs and utilizes their diverse talents<\/li>
  Engage our community and marketplace, and position the organization to meet the needs of all its clients<\/li><\/ul>
  For more information about our D&I initiatives, please visit this link (https:\/\/americas.societegenerale.com\/en\/careers\/get-know-diversity\/)<\/p>","identifier":{"@type":"PropertyValue","name":"Recruitment Societe Generale","value":"25000Q4P"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Montreal","addressCountry":"Canada"}}} window.dataLayer = window.dataLayer || []; var aData = { customVarPage1: "Information Security Officer", customVarPage2: "Montreal", customVarPage3: "Permanent contract", customVarPage4: "25000Q4P", customVarPage5: "SG MONTREAL SOLUTION CENTER 2 INC.", customVarPage6: "Banking operations processing", customVarPage7: "2026/01/14" } window.dataLayer.push(aData);
  
  Back to offers
  Information Security Officer
  
  Banking operations processing
  
  Apply
  Add to favorites
  
  Permanent contract
  
  Montreal, Quebec, Canada
  
  Hybrid
  
  Reference 25000Q4P
  
  Start date 2026/02/23
  
  Publication date 2026/01/14
  
  Responsibilities
  
  The Vulnerability Management Lead is responsible for the AMER region’s vulnerability management and configuration management program. The position requires excellent communication skills (written and verbal) and a strong ability to influence others. The ideal candidate will be able to demonstrate practical and in-depth knowledge of running an effective vulnerability & / or configuration management program including dynamically responding to emerging threats in the financial services industry.
  The role also calls for strong technical analysis and process improvement skills and the ability to present to senior management on the state of, and proposals to improve, the program.
  Working knowledge of cybersecurity and risk assessment frameworks (e.g., NIST) and regulations applicable to the financial services industry (e.g., NYDFS 500, FINRA, SEC) is preferred.
  The Vulnerability Management Lead is a member of the Cyber Threat Defense (CTD) team within the AMER Data and Cyber Security (ISR) department and reports to the Director of CTD. This position requires strong collaboration across GBSU and GTS departments in the Americas and globally with SG CERT, ISR and GTS teams.
  ESSENTIAL JOB FUNCTIONS
  Vulnerability & Configuration Management
  Lead the AMER vulnerability & configuration management programs – Act as the main point of contact and expert in Vulnerability Management and configuration management; including overseeing the risk of zero-day vulnerabilities, oversee patching/remediation and risk acceptance of vulnerabilities where appropriate.
  Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing.
  Present operating and steering committees for projects to senior management on a quarterly basis.
  Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy.
  Develop and manage detailed vulnerability reviews and assessments, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrences.
  Review and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects.
  Draft and publish communications for management as new threats emerge.
  Improve the reporting framework that will provide regular metrics and statistics about our business and IT environment; analyze trends in security events, activities, etc. to better understand risks, insufficiencies in our solutions, staffing shortages, etc.; report security metrics and statistics to the CISO and other key stakeholders such as the COO, CIO, and CTO.
  
  Profile required
  
  LANGUAGE:
  Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.
  
  Why join us
  
  OUR BENEFITS:
  WHAT WE DO DIFFERENTLY AT SOCIÉTÉ GÉNÉRALE
  Competitive compensation & benefits offering, including but not limited to:
  Minimum of 20 Vacation days + 4 personal days
  Supportive Maternity, paternity, parental and adoption leave policy
  Health spending ($2,000/year) and personal spending ($1,000/year) accounts with 75+ eligible reimbursement categories (health, training, electronics etc.)
  Fully sponsored virtual healthcare assistance and Employee Assistance Program to you and your immediate family
  Various Employee Resource Groups (ERG) to engage with such as Pride and Allies, American Women Network, Black Leadership Network, One planet, etc.
  A culture of continuous development by encouraging our employees various training programs (online training and coaching platform such as Coursera, GoFluent, Pluralsight, First Finance, and others)
  
  Business insight
  
  Societe Generale is committed to offering an inclusive recruitment experience to all candidates. If you require any reasonable accommodations during the recruitment process, please do not hesitate to let our Recruiters know.
  OUR CULTURE:
  At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes. Societe Generale is committed to strengthening bonds with colleagues, communities, and the world in which we live, because relationships are at the heart of how we operate. For more information about our Culture and Conduct initiatives, please visit this link (https://americas.societegenerale.com/en/careers/get-know-culture/)
  D&I:
  Our Diversity & Inclusion Mission: Recruit, develop, advance, and retain a diverse workforce that is united in our efforts to enhance our competitive position and deliver innovative solutions to our clients.
  Our Diversity & Inclusion Vision:
  Engaged workforce that is demographically diverse in a way that reflects the communities in which we operate
  Inclusive culture and workplace that recognizes employees' unique needs and utilizes their diverse talents
  Engage our community and marketplace, and position the organization to meet the needs of all its clients
  For more information about our D&I initiatives, please visit this link (https://americas.societegenerale.com/en/careers/get-know-diversity/)
  
  Diversity and Inclusion
  
  Societe Generale is an equal opportunity employer and we are proud to make diversity a strength for our company. We are committed to recognizing and promoting the talents and achievements of our employees and staff, regardless of race, religion, color, national origin, sex, disability, age, gender, sexual orientation, and any other characteristic or status protected under applicable law.
  We strive to write our postings as inclusively as possible. If, however, one gender is used alone in this display, it designates persons of all gender identities.
  
  Share
  
  Information Security Officer
  
  Permanent contract
  
  Montreal, Quebec, Canada
  
  Hybrid
  
  Responsibilities Profile required Why join us Business insight Diversity and Inclusion
  
  Apply
  Add to favorites
  
  Titre
  
  Similar jobs
  
  Information Security Officer
  
  Permanent contract
  
  Montreal, Canada
  
  V.I.E. Business Continuity Officer
  
  International Volunteer Program
  
  Luxembourg, Luxembourg
  
  Analyst - Reconciliation Management
  
  Permanent contract
  
  Chennai, India
  
  Titre
  
  Jobs & contracts
  
  Read more
  
  { "@context": "https://schema.org", "@type": "BreadcrumbList", "itemListElement": [ { "@type": "ListItem", "position": 1, "name": "Home", "item": "https://careers.societegenerale.com/en" } , { "@type": "ListItem", "position": 2, "name": "Job offers", "item": "https://careers.societegenerale.comhttps://careers.societegenerale.com/en/search" } , { "@type": "ListItem", "position": 3, "name": "Information Security Officer", } ] }
  
  Home
  
  Job offers
  
  Information Security Officer

Information Security Officer

Banking operations processing

Apply

Add to favorites

Permanent contract

Montreal, Quebec, Canada

Hybrid

Reference 25000Q4P

Start date 2026/02/23

Publication date 2026/01/14

Responsibilities

The Vulnerability Management Lead is responsible for the AMER region’s vulnerability management and configuration management program. The position requires excellent communication skills (written and verbal) and a strong ability to influence others. The ideal candidate will be able to demonstrate practical and in-depth knowledge of running an effective vulnerability & / or configuration management program including dynamically responding to emerging threats in the financial services industry.

The role also calls for strong technical analysis and process improvement skills and the ability to present to senior management on the state of, and proposals to improve, the program.

Working knowledge of cybersecurity and risk assessment frameworks (e.g., NIST) and regulations applicable to the financial services industry (e.g., NYDFS 500, FINRA, SEC) is preferred.

ESSENTIAL JOB FUNCTIONS

Vulnerability & Configuration Management

Lead the AMER vulnerability & configuration management programs – Act as the main point of contact and expert in Vulnerability Management and configuration management; including overseeing the risk of zero-day vulnerabilities, oversee patching/remediation and risk acceptance of vulnerabilities where appropriate.
Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing.
Present operating and steering committees for projects to senior management on a quarterly basis.
Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy.
Develop and manage detailed vulnerability reviews and assessments, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrences.
Review and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects.
Draft and publish communications for management as new threats emerge.
Improve the reporting framework that will provide regular metrics and statistics about our business and IT environment; analyze trends in security events, activities, etc. to better understand risks, insufficiencies in our solutions, staffing shortages, etc.; report security metrics and statistics to the CISO and other key stakeholders such as the COO, CIO, and CTO.

Profile required

LANGUAGE:

Ability to communicate in English, both orally and in writing, is a requirement as the person in this position will need to collaborate regularly with colleagues and partners in the United States.

Why join us

OUR BENEFITS:

WHAT WE DO DIFFERENTLY AT SOCIÉTÉ GÉNÉRALE

Competitive compensation & benefits offering, including but not limited to:

Minimum of 20 Vacation days + 4 personal days
- Supportive Maternity, paternity, parental and adoption leave policy
- Health spending ($2,000/year) and personal spending ($1,000/year) accounts with 75+ eligible reimbursement categories (health, training, electronics etc.)

Fully sponsored virtual healthcare assistance and Employee Assistance Program to you and your immediate family

Various Employee Resource Groups (ERG) to engage with such as Pride and Allies, American Women Network, Black Leadership Network, One planet, etc.

A culture of continuous development by encouraging our employees various training programs (online training and coaching platform such as Coursera, GoFluent, Pluralsight, First Finance, and others)

Business insight

Societe Generale is committed to offering an inclusive recruitment experience to all candidates. If you require any reasonable accommodations during the recruitment process, please do not hesitate to let our Recruiters know.

OUR CULTURE:
At Societe Generale, we live by our 4 core values of commitment, responsibility, team spirit and innovation. We are engaged and demonstrate consideration for others. We act ethically and with courage. We focus our talent and energy on collective success. We experiment and propose new ideas. This way, we maximize our ability to serve client needs and anticipate market changes. Societe Generale is committed to strengthening bonds with colleagues, communities, and the world in which we live, because relationships are at the heart of how we operate. For more information about our Culture and Conduct initiatives, please visit this link (https://americas.societegenerale.com/en/careers/get-know-culture/)

D&I:
Our Diversity & Inclusion Mission: Recruit, develop, advance, and retain a diverse workforce that is united in our efforts to enhance our competitive position and deliver innovative solutions to our clients.
Our Diversity & Inclusion Vision:

Engaged workforce that is demographically diverse in a way that reflects the communities in which we operate
Inclusive culture and workplace that recognizes employees' unique needs and utilizes their diverse talents
Engage our community and marketplace, and position the organization to meet the needs of all its clients

For more information about our D&I initiatives, please visit this link (https://americas.societegenerale.com/en/careers/get-know-diversity/)

Diversity and Inclusion

Societe Generale is an equal opportunity employer and we are proud to make diversity a strength for our company. We are committed to recognizing and promoting the talents and achievements of our employees and staff, regardless of race, religion, color, national origin, sex, disability, age, gender, sexual orientation, and any other characteristic or status protected under applicable law.
We strive to write our postings as inclusively as possible. If, however, one gender is used alone in this display, it designates persons of all gender identities.