Cyber Risk Management – Associate Position Available In New York, New York

Cyber Risk Management

• Associate Crédit Agricole CIB
• 3.7 New York, NY Job Details Permanent $110,000
• $135,000 a year 2 hours ago Qualifications Certified Information Systems Auditor Microsoft Excel Computer Science Mid-level SOX Information security Cloud security Information Security Bachelor’s degree NIST standards Risk management Organizational skills

IT ISO 27001

Cybersecurity RMF 2 years Communication skills CRISC Information Technology Full Job Description Job description Business type Types of Jobs

• IT, Digital et Data Job title Cyber Risk Management
• Associate Contract type Permanent Contract Job summary Summary CACIB is seeking a highly motivated and detail-oriented Associate, Cyber Risk Management to join our growing cybersecurity and risk team.

This role will play a central part in conducting internal cyber security reviews, including enterprise control and maturity assessments, as well as application level and third-party risk assessments. The ideal candidate will have hands-on experience performing cyber risk assessments and strong foundational knowledge of cybersecurity controls and frameworks. Key Responsibilities Plan, conduct, and document cyber risk assessments for internal applications, infrastructure, and networks Perform cybersecurity reviews of third-party vendors as part of the onboarding and ongoing risk evaluation process Perform control testing on cybersecurity and technology related controls to assess the design and effectiveness Assess risk in alignment with control standards and business context, and evaluate control effectiveness using established frameworks such as

NYDFS 500, NIST

CSF, ISO27001, FFIEC, and CRI Collaborate with internal stakeholders, including application owners, IT, and procurement, to gather risk related information, validate controls, and communicate results Contribute to the ongoing development of cybersecurity policies, control requirements, and risk assessment procedures Map and maintain controls to industry frameworks, and assist in interpreting requirements for new systems, vendors, or processes Support efforts to improve the maturity and efficiency of the cyber risk assessment process, including process optimization and integration with Enterprise Risk Management Framework Additional Responsibilities Support the development of cyber risk metrics, dashboard, and reporting materials related to risk assessments or audits Participate in internal readiness reviews and external audits as needed by providing evidence and control documentation Help identify opportunities to streamline assessment workflows and improve consistency across risk domains Required Qualitifications 2-5 years of experience in cyber risk management, IT risk, cybersecurity, or a related discipline Familiarity with risk assessment frameworks (e.g., NIST RMF, FAIR, etc.) Familiarity with cybersecurity principles, tools, and control frameworks (e.g., NIST

CSF, CRI, CIS

Controls)

Supplementary Information Salary Range:

$110k

• $135k #LI-DNI Position location Geographical area America, United States Of America City

NEW YORK

Candidate criteria Academic qualification /

Speciality Required:

Bachelor’s degree in cybersecurity, information technology, or related field

Preferred:

Advanced studies in information security or risk management

CRISC, CISA

certification or equivalent Level of minimal experience 3-5 years Experience 2+ years in information security, risk management, or similar field Required skills Analytical thinking

• Strong ability to analyze technical and business risk with critical thinking Risk based judgement
• Ability to evaluate and prioritize risks based on likelihood, impact, and control effectiveness Attention to detail
• High level of precision in assessment documentation, issue tracking, and reporting Communication skills
• Effective verbal and written communication Familiarity with risk assessment methodologies and cybersecurity frameworks (e.

g., NIST

CSF, ISO 27001, SIG, FFIEC

) Experience with third party / vendor risk assessment processes and due diligence Strong organization skills with experience managing multiple tasks and assessments simultaneously Proficiency with reporting tools (e.g., Excel) and GRC platforms Knowledge of application security concepts and cloud security Understanding of regulatory environments such as

NYDFS, SOX, SOC1 & 2

as they relate to cybersecurity