Vice President

General information

Entity

About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)

Crédit Agricole CIB is the corporate and investment banking arm of Crédit Agricole Group, the 10th largest banking group worldwide in terms of balance sheet size (The Banker, July 2022).
8,600 employees in more than 30 countries across Europe, the Americas, Asia-Pacific, the Middle-East and North Africa, support the Bank's clients, meeting their financial needs throughout the world.
Crédit Agricole CIB offers its large corporate and institutional clients a range of products and services in capital market activities, investment banking, structured finance, commercial banking and international trade.
The Bank is a pioneer in the area of climate finance, and is currently a market leader in this segment with a complete offer for all its clients.


For more information, please visit www.ca-cib.com

Twitter: https://twitter.com/ca_cib
LinkedIn: https://www.linkedin.com/company/credit-agricole-cib/

By working every day in the interest of society, we are a group committed to diversity and inclusion. All our positions are open to people with disabilities.   

Reference

2025-97044  

Update date

21/02/2025

Job description

Business type

Types of Jobs - Risk Management / Control

Job title

Vice President - Information Technology and Cyber Risk Management

Contract type

Permanent Contract

Management position

No

Job summary

Summary
The Vice President, Information Technology and Cyber Risk Management (ITCRM) position is an individual contributor role within Credit Agricole’s Risk Division with 2nd Line of Defence oversight responsibilities across all business lines and activities of Credit Agricole’s Combined U.S. Operations (CUSO) for Information and Communications Technology (ICT) Risk, which includes IT Risk, Cyber Risk, and Operational Resiliency Risk.
The Position can be based out of Iselin, New Jersey or New York City on a hybrid work schedule with requirements to travel to NYC as needed for essential meetings (regulatory, team meetings, collaboration, etc.)
Reporting to the Head of IT and Cyber Risk for CUSO, you will be responsible for assessing, monitoring, and testing 1st Line of Defence to ensure ICT risk is appropriately identified, measured, managed, and reported in accordance to US Regulatory requirements and frameworks.

Responsibilities
- Oversee and provide effective challenge of First Line of Defence implementation of enterprise and operational risk management frameworks for ICT Risks.
- Monitor Key Risk, Key Performance, and Key Control Indicators for Information and Communications Technology across all business units, aggregate reporting to Risk Committees and escalate any breaches of established tolerances and thresholds.
- Support regulatory exams by preparing materials, responding to regulatory inquiries, and presenting on continuous monitoring sessions to regulators.
- Perform analysis on quarterly reports from various US operations and create a consolidated quarterly risk reports to be presented at various risk committees on ICT Risk.
- Manage issues across the issue management lifecycle
- Monitor regulatory rule changes and conduct training and awareness sessions as needed to business leaders across the 1st line.
- Collaborate with other Risk Management functions to identify top and emerging risks to ensure appropriate visibility of the

SPECIAL ROLE REQUIREMENTS:
-Candidate must have obtained a Certification in Risk and Information Systems Control (CRISC) Additional certifications in CISA, CISM, CBCP, and/or CISSP are a plus.
-Familiarity with the Federal Financial Institutions Examination Council (FFIEC) booklets with the ability to assess against them. Additional knowledge of NIST 800-53, NIST CSF, CRI, ISO27001, COBIT, and/or CIS frameworks are a plus.
-Must possess the ability to communicate well; translating technology terminology and issues to non-technical audiences within Sr. Management.

Salary Range: $160k-$200k 

 

#LI-DNI

Position location

Geographical area

America, United States Of America

City

NEW YORK / NEW JERSEY

Candidate criteria

Minimal education level

Bachelor Degree / BSc Degree or equivalent

Academic qualification / Speciality

Required: 

Bachelor’s degree.

 

Preferred:

Bachelor’s degree in in Management Information Systems (MIS), Information Technology, or Cybersecurity.

Level of minimal experience

6-10 years

Experience

Required: 

5+ years of experience with oversight responsibilities in Operational Risk, Information Technology, Cybersecurity and/or Operational Resilience within a 2nd Line of Defence function such as Risk Management or Compliance.

OR

8-15 years of experience in risk related functions such as 1st line Governance Risk, and Compliance (GRC) or 3rd Line Internal Audit functions focused on Information Technology, Cyber Security,

 

Preferred:

Prior experience in a US Large or Foreign Banking Organisation (LFBO)
Experience in evaluating and implementing US regulatory requirements.
Experience with or at a state or federal agency.

Required skills

Specialist Training Required: 

Certified in Risk and Information Systems Control (CRISC)

 

Specialist Training Preferred:

CISSP, CISM, CISA, CBCP

Technical skills required

Competencies Required: 

Regulatory experience
Detailed Oriented, articulate and possessing good communication skills
Excellent Analytical Skills
Resourceful in identifying, following up and resolving issues.
-Strong team spirit and work ethic
-Strong written and verbal communication skills
-Ability to collaborate across the organization and manages

Competencies Preferred:

-Leadership ability, able to drive action within the organization.
-Ability to manage up
-Ability to manage horizontally across multiple businesses and risk disciplines.

Skills & Knowledge Requirements:

-Strong Risk Management knowledge is required including working knowledge of Enterprise Risk Management, Operational Risk Management, and familiarity with Third Party Risk Management.
-Knowledge of technology environments and processes is also required.

-Project Management skills
- Audit/Testing knowledge