Summary

The position is an individual contributor role within Credit Agricole’s Risk Division with 2nd Line of Defence oversight responsibilities across all business lines and activities of Credit Agricole’s Combined U.S. Operations (CUSO) for Information and Communications Technology (ICT) Risk, which includes IT Risk, Cyber Risk, and Operational Resiliency Risk.

The Position can be based out of Iselin, New Jersey or New York City on a hybrid work schedule with requirements to travel to NYC as needed for essential meetings (regulatory, team meetings, collaboration, etc.)

Reporting to the Head of IT and Cyber Risk for CUSO, you will be responsible for assessing, monitoring, and testing 1st Line of Defence to ensure ICT risk is appropriately identified, measured, managed, and reported in accordance to US Regulatory requirements and frameworks.

Responsibilities

• Oversee and provide effective challenge of First Line of Defence implementation of enterprise and operational risk management frameworks for ICT Risks.
• Monitor Key Risk, Key Performance, and Key Control Indicators for Information and Communications Technology across all business units, aggregate reporting to Risk Committees and escalate any breaches of established tolerances and thresholds.
• Support regulatory exams as needed
• Perform analysis on quarterly reports from various US operations and create a consolidated quarterly risk reports to be presented at various risk committees on ICT Risk.
• Manage issues across the issue management lifecycle

Salary Range: $150k - $160k

SPECIAL ROLE REQUIREMENTS: 

• Familiarity with the Federal Financial Institutions Examination Council (FFIEC) booklets NIST 800-53, NIST CSF, CRI, ISO27001, COBIT, and/or CIS frameworks are a plus.
• Must possess the ability to communicate well; translating technology terminology and issues to non-technical audiences within Sr. Management.

Education Essential: College Degree BA/BS 

Education Desirable: College Degree BA/BS in Business Management Information Systems (MIS), Information Technology, Cybersecurity, or Accounting

Experience Essential: 

• 2+ years of experience with oversight responsibilities in Operational Risk, Information Technology, Cybersecurity and/or Operational Resilience within a 2nd Line of Defence function such as Risk Management or Compliance.
•  OR
•  5+ years of experience in risk related functions such as 1st line Governance Risk, and Compliance (GRC), 3rd Line Internal Audit function, or at a consulting firm conducting assessments.

Experience Desirable: 

• Prior experience in a US Large or Foreign Banking Organisation (LFBO)
• Experience in evaluating and/or implementing US regulatory requirements.
• Experience with or at a state or federal agency is a plus.

Competencies Essential:

• Detailed Oriented, articulate and possessing good communication skills
• Excellent Analytical Skills
• Resourceful in identifying, following up and resolving issues. 
• Strong team spirit and work ethic
• Strong written and verbal communication skills
• Ability to collaborate across the organization and manages relationships

Skills & Knowledge Essential: 

• Must be proficient with MS Office products including MS Teams, Outlook, Excel, and Power Point 
• Knowledge of technology environments and processes is also required.

Skills & Knowledge Desirable:

• Strong Risk Management knowledge is a plus including working knowledge of Enterprise Risk Management, Operational Risk Management, and familiarity with Third Party Risk Management.
•  Project Management skills
•  Audit/Testing knowledge

Specialist Training Desirable:

• Certified in Risk and Information Systems Control (CRISC)
• CISSP, CISM, CISA, CBCP