Pause
Lecture
Moteur de recherche d'offres d'emploi Crédit Agricole CIB

Information Systems Security Control Specialist


Vacancy details

General information

Entity

About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)

Crédit Agricole CIB is the corporate and investment banking arm of Credit Agricole Group, the 12th largest banking group worldwide in terms of tier 1 capital (The Banker, July 2021). Nearly 8,600 employees across Europe, the Americas, Asia-Pacific, the Middle East and Africa support the Bank's clients, meeting their financial needs throughout the world. Crédit Agricole CIB offers its large corporate and institutional clients a range of products and services in capital markets activities, investment banking, structured finance, commercial banking and international trade. The Bank is a pioneer in the area of climate finance, and is currently a market leader in this segment with a complete offer for all its clients.


For more information, please visit www.ca-cib.com

Twitter: https://twitter.com/ca_cib
LinkedIn: https://www.linkedin.com/company/credit-agricole-cib/
  

Reference

2022-65699  

Update date

08/03/2022

Job description

Business type

Types of Jobs - Information systems / IT Project management

Job title

Information Systems Security Control Specialist

Contract type

Permanent Contract

Job summary

Summary

 

The Information Systems Security Control Specialist identifies areas of improvement in existing processes and controls. Identify gaps and recommend improvements. Supports a strong risk control management culture through the implementation of key risk control programs into the standard operating framework of the business.

This role will be primarily supporting the execution of evidence based control evaluations supporting the Enterprise Cybersecurity Risk Assessment, Risk and Control Self-Assessment (RCSA) and training programs.

 

Key Responsibilities

 

·         Assist the effective design and performance of the control environment in conjunction with other lines of defence.

·         Assist in Identifying opportunities for process and control improvements through monitoring of emerging risk, changes to technology environment, industry framework and trends.

·         Assist with the effective implementation, execution, and governance of information security control framework, control objectives and control activities.

·         Assist in performing information security control evaluation and rate controls for design and effectiveness; and in testing technology controls.

·         Assist with the development of cybersecurity awareness and training materials to effectively promote security awareness and best practices, and with ensuring compliance with regulations, policies and industry standards.

·         Track training completion (i.e. attendance, quiz scores, etc.) and distribution of awareness materials. 

·         Compile report status for appropriate governance committee.

 

 

 

Management and Reporting

 

·         Reports to Senior Risk Manager / CLSi

 

Key Internal contacts

 

Information Systems Security team

GIT teams

 

Key External contacts

 

n/a

Position location

Geographical area

America, United States Of America

City

NEW YORK

Candidate criteria

Minimal education level

Bachelor Degree / BSc Degree or equivalent

Academic qualification / Speciality

Essential

  • Bachelor’s degree in Cybersecurity, Business or IT Technologies

Desirable

  • Master’s degree in Cybersecurity, Business or IT Technologies

Experience

Desirable

  • 2+ years of experience in risk control management or financial services industry experience, with direct experience in risk control management

Required skills

Essential

• Information security risk control

• Knowledge and understanding of technology risks related to business risks

• Intermediate Microsoft Office skills

• Excellent verbal, written, and interpersonal communication skills

• Strong analytical skills with high attention to detail and accuracy

• Knowledge of control framework and control testing

• Knowledge of technology and information security risk framework – COBIT, FFIEC, NIST, ITIL, COSO, BASEL, or OCC standards

Desirable 

• Certified Information Systems Security Professional (CISSP)

• Certified Information Systems Auditor (CISA)

• Ability to generate, review, edit, and distribute risk control reports

• Experience reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, and internal controls; and identifying issues resulting from internal and/or external compliance examinations

• Experience with supporting information technology risk control programs that align with technology business function

• Strong ability and experience working with and collaborating stakeholders and team members at all levels and across functional lines