Moteur de recherche d'offres d'emploi Crédit Agricole CIB

Information Systems Security Control Specialist

Vacancy details

General information


About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)

Crédit Agricole CIB is the corporate and investment banking arm of Credit Agricole Group, the 12th largest banking group worldwide in terms of tier 1 capital (The Banker, July 2021). Nearly 8,600 employees across Europe, the Americas, Asia-Pacific, the Middle East and Africa support the Bank's clients, meeting their financial needs throughout the world. Crédit Agricole CIB offers its large corporate and institutional clients a range of products and services in capital markets activities, investment banking, structured finance, commercial banking and international trade. The Bank is a pioneer in the area of climate finance, and is currently a market leader in this segment with a complete offer for all its clients.

For more information, please visit




Update date


Job description

Business type

Types of Jobs - Information systems / IT Project management

Job title

Information Systems Security Control Specialist

Contract type

Permanent Contract

Job summary



The Information Systems Security Control Specialist identifies areas of improvement in existing processes and controls. Identify gaps and recommend improvements. Supports a strong risk control management culture through the implementation of key risk control programs into the standard operating framework of the business.

This role will be primarily supporting the execution of evidence based control evaluations supporting the Enterprise Cybersecurity Risk Assessment, Risk and Control Self-Assessment (RCSA) and training programs.


Key Responsibilities


·         Assist the effective design and performance of the control environment in conjunction with other lines of defence.

·         Assist in Identifying opportunities for process and control improvements through monitoring of emerging risk, changes to technology environment, industry framework and trends.

·         Assist with the effective implementation, execution, and governance of information security control framework, control objectives and control activities.

·         Assist in performing information security control evaluation and rate controls for design and effectiveness; and in testing technology controls.

·         Assist with the development of cybersecurity awareness and training materials to effectively promote security awareness and best practices, and with ensuring compliance with regulations, policies and industry standards.

·         Track training completion (i.e. attendance, quiz scores, etc.) and distribution of awareness materials. 

·         Compile report status for appropriate governance committee.




Management and Reporting


·         Reports to Senior Risk Manager / CLSi


Key Internal contacts


Information Systems Security team

GIT teams


Key External contacts



Position location

Geographical area

America, United States Of America



Candidate criteria

Minimal education level

Bachelor Degree / BSc Degree or equivalent

Academic qualification / Speciality


  • Bachelor’s degree in Cybersecurity, Business or IT Technologies


  • Master’s degree in Cybersecurity, Business or IT Technologies



  • 2+ years of experience in risk control management or financial services industry experience, with direct experience in risk control management

Required skills


• Information security risk control

• Knowledge and understanding of technology risks related to business risks

• Intermediate Microsoft Office skills

• Excellent verbal, written, and interpersonal communication skills

• Strong analytical skills with high attention to detail and accuracy

• Knowledge of control framework and control testing

• Knowledge of technology and information security risk framework – COBIT, FFIEC, NIST, ITIL, COSO, BASEL, or OCC standards


• Certified Information Systems Security Professional (CISSP)

• Certified Information Systems Auditor (CISA)

• Ability to generate, review, edit, and distribute risk control reports

• Experience reviewing testing strategies and methodologies; evaluating the adequacy and effectiveness of policies, procedures, processes, and internal controls; and identifying issues resulting from internal and/or external compliance examinations

• Experience with supporting information technology risk control programs that align with technology business function

• Strong ability and experience working with and collaborating stakeholders and team members at all levels and across functional lines