Crédit Agricole CIB
Talent Acquisition Consultant at Credit Agricole CIB - Front Office
Summary of Position:
CACIB is seeking a highly motivated and detail-oriented Associate, Cyber Risk Management to join our growing cybersecurity and risk team. This role will play a central part in conducting internal cyber security reviews, including enterprise control, application level, and maturity assessments. The ideal candidate will have hands‑on experience performing cyber risk assessments and strong foundational knowledge of cybersecurity controls and frameworks.
Key Responsibilities
Plan, conduct, and document cyber risk assessments for internal applications, infrastructure, and networks
Perform control testing on cybersecurity and technology-related controls to assess their design and effectiveness
Assess risk in alignment with control standards and business context, and evaluate control effectiveness using established frameworks such as NYDFS 500, NIST CSF, ISO27001, FFIEC, and CRI
Collaborate with internal stakeholders, including application owners, IT, and procurement, to gather risk related information, validate controls, and communicate results
Contribute to the ongoing development of cybersecurity policies, control requirements, and risk assessment procedures
Map and maintain controls to industry frameworks, and assist in interpreting requirements for new systems, vendors, or processes
Support efforts to improve the maturity and efficiency of the cyber risk assessment process, including process optimization and integration with Enterprise Risk Management Framework
Additional Responsibilities
Coordinate issue management and remediation, ensuring timely resolution of identified security risks and issues
Participate in internal readiness reviews and external audits as needed by providing evidence and control documentation
Perform quality assurance checks on risk assessments and documented control gaps
Support cybersecurity training and awareness initiatives to promote best practices across the organization
Help identify opportunities to streamline assessment workflows and improve consistency across risk domains
Required Qualifications
2-5 years of experience in cyber risk management, IT risk, cybersecurity, or a related discipline
Familiarity with risk assessment frameworks (e.g., NIST RMF, FAIR, etc.)
Familiarity with cybersecurity principles, tools, and control frameworks (e.g., NIST CSF, CRI, CIS Controls)
Bachelor’s degree in cybersecurity, information technology, or related field
Advanced studies in information security or risk management
CRISC, CISA certification or equivalent
Experience Required: 2+ years in information security, risk management, or similar field
Analytical thinking – Strong ability to analyze technical and business risk with critical thinking
Risk-based judgement – Ability to evaluate and prioritize risks based on likelihood, impact, and control effectiveness
Attention to detail – High level of precision in assessment documentation, issue tracking, and reporting
Communication skills – Effective verbal and written communication
Skills & Knowledge Requirements
Familiarity with risk assessment methodologies and cybersecurity frameworks (e.g., NIST CSF, ISO 27001, SIG, FFIEC)
Experience with third party / vendor risk assessment processes and due diligence
Strong organization skills with experience managing multiple tasks and assessments simultaneously
Proficiency with reporting tools (e.g., Excel) and GRC platforms
Knowledge of application security concepts and cloud security
Understanding of regulatory environments such as NYDFS, SOX, SOC1 & 2 as they relate to cybersecurity
Seniority Level: Associate
Employment Type: Full‑time
Job Function: Finance
Industry: Banking and Investment Banking
Benefits
Medical insurance
Vision insurance
401(k)
Child care support
Paid maternity leave
Paid paternity leave
Disability insurance