Vice President - Information Technology and Cyber Risk ...

Summary The Vice President, Information Technology and Cyber Risk Management (ITCRM) position is an individual contributor role within Credit Agricole's Risk Division with 2nd Line of Defence oversight responsibilities across all business lines and activities of Credit Agricole's Combined U.S. Operations (CUSO) for Information and Communications Technology (ICT) Risk, which includes IT Risk, Cyber Risk, and Operational Resiliency Risk.The Position can be based out of Iselin, New Jersey or New York City on a hybrid work schedule with requirements to travel to NYC as needed for essential meetings (regulatory, team meetings, collaboration, etc.)Reporting to the Head of IT and Cyber Risk for CUSO, you will be responsible for assessing, monitoring, and testing 1st Line of Defence to ensure ICT risk is appropriately identified, measured, managed, and reported in accordance to US Regulatory requirements and frameworks. Responsibilities - Oversee and provide effective challenge of First Line of Defence implementation of enterprise and operational risk management frameworks for ICT Risks.- Monitor Key Risk, Key Performance, and Key Control Indicators for Information and Communications Technology across all business units, aggregate reporting to Risk Committees and escalate any breaches of established tolerances and thresholds.- Support regulatory exams by preparing materials, responding to regulatory inquiries, and presenting on continuous monitoring sessions to regulators.- Perform analysis on quarterly reports from various US operations and create a consolidated quarterly risk reports to be presented at various risk committees on ICT Risk.- Manage issues across the issue management lifecycle.- Monitor regulatory rule changes and conduct training and awareness sessions as needed to business leaders across the 1st line.- Collaborate with other Risk Management functions to identify top and emerging risks to ensure appropriate visibility. SPECIAL ROLE REQUIREMENTS: - Candidate must have obtained a Certification in Risk and Information Systems Control (CRISC). Additional certifications in CISA, CISM, CBCP, and/or CISSP are a plus.- Familiarity with the Federal Financial Institutions Examination Council (FFIEC) booklets with the ability to assess against them. Additional knowledge of NIST 800-53, NIST CSF, CRI, ISO27001, COBIT, and/or CIS frameworks are a plus.- Must possess the ability to communicate well; translating technology terminology and issues to non-technical audiences within Sr. Management. Salary Range: $160k-$200k #J-18808-Ljbffr

Created: 2025-03-01