Do you love a career where you Experience Grow & Contribute at the same time while earning at least 10% above the market If so we are excited to have bumped onto you.
Role: Head of IT Security
Location: McLean VA
Hybrid Mode Position
Exp: 10 years
The Head of IT Security is a key leader within our CIB Americas IT organization to protect the bank assets.
He/she/they will be responsible for ensuring the highest standards of IT security aligned with the regulatory frameworks established by the Federal Reserve Bank (FRB) the New York Department of Financial Services (NY DFS) and any other applicable Americas (CFTC Canada etc.) and European (ECB etc.) regulators.
This role is responsible for providing guidance expertise on all IT Security and Access Management activities for the Natixis CIB Americas platform.
Strategic Leadership:
- Develop and execute a comprehensive IT security strategy aligned with business goals company policy and regulatory requirements with the CIO CIB Americas guidance and coordination with Head Office IT Security (Natixis and BPCE Group).
- Provide strategic guidance to CIO CIB Americas and Senior Management on emerging cybersecurity trends and threats.
Regulatory Compliance:
- Stay abreast of FRB and NY DFS regulations ensuring the bank s IT security practices consistently comply with all requirements.
- Intersection with the Head Office ensuring alignment with European Central Bank (ECB) regulations and Head Office standards unless local US requirements supersede.
- Lead efforts to prepare for and respond to regulatory examinations and certification related to IT security in both the Americas and European jurisdictions.
Risk Management:
- Identify and mitigate cybersecurity risks to protect the bank s critical assets and sensitive information in line with the company policies.
- Implement and enhance IT Security solutions in line with the risk management frameworks to safeguard against evolving threats.
IT Incident Response:
- Develop and maintain an effective IT incident response plan coordinating efforts to detect respond and recover from IT security incidents.
- Conduct postincident reviews to continuously improve response procedures.
Security Infrastructure:
- Oversee the design and implementation of robust security infrastructure including firewalls intrusion detection/prevention systems and endpoint security with the IT department.
- Assess and ensure that IT Security is implemented across IT Assets and projects.
Security Operations Center (SOC):
- Liaise with the Head Office SOC team ensuring 24/7 monitoring and rapid response to security incidents.
- Oversight and refine if necessary SOC processes including threat hunting and intelligence sharing.
Cybersecurity:
- Drive operational initiatives to enhance the bank s cybersecurity posture through proactive threat detection and prevention measures.
- Collaborate with 2nd Line of Defense (TRM / CISO Compliance Risk teams etc.) and 1st Line of Defense (IT Control Tower Business Continuity Purchasing etc.) at the CIB Americas platform as well as Head Office to implement a robust Cybersecurity program.
- Liaise with internal and external experts to stay ahead of emerging cyber threats.
Access Management and Controls:
- Develop and enforce access management in line with the company policies to ensure the right individuals have appropriate access to systems and data.
- Recertify users accesses as well as applications.
- Implement and manage robust IT Security and Access Management controls to safeguard against CyberSecurity threats and unauthorized access.
IT Security Awareness and Training:
- Foster a culture of IT security within the IT department as well as across the organization through training programs communication initiatives and controls conjointly with CIB Americas TRM / CISO.
- Raise awareness to Head Office on Americas IT Security requirements to ensure alignment strong collaboration and robust IT Security solutions.
- Collaborate with HR and other CIB Americas department that employees are wellversed in IT security best practices.
Vendor Management:
- Assist to evaluate thirdparty vendors providing services to the bank ensuring they meet the company IT security requirements.
- Propose guidance and solution to mitigate IT Security risks.
Collaboration:
- Work closely with crossfunctional teams including: IT TRM / CISO compliance legal risk management and audit to integrate IT security into business processes controls and solutions.
- Liaise with teams at the Natixis CIB Americas platform as well as at Head Office (Natixis and BPCE group) and others Natixis CIB Platforms (APAC EMEA and Porto).
Requirements
- Bachelor s degree in a relevant field; advanced degree or industry certifications (CISSP CISM etc.) preferred.
- Proven experience (6 years) in a leadership role within IT security preferably in the financial sector.
- Indepth knowledge of FRB and NY DFS CyberSecurity regulations as well as manual references (FFIEC IT handbooks NIST etc.) and demonstrated success in maintaining compliance.
- Strong analytical and problemsolving skills with the ability to make sound decisions under pressure.
- Effective communication skills coupled with the ability to understand technology sufficiently in order to clearly communicate in simple terms for key stakeholders.
- Excellent interpersonal skills.
Benefits
Bachelor s degree in a relevant field; advanced degree or industry certifications (CISSP, CISM, etc.) preferred. Proven experience (6+ years) in a leadership role within IT security, preferably in the financial sector. In-depth knowledge of FRB and NY DFS CyberSecurity regulations as well as manual references (FFIEC IT handbooks, NIST, etc.) and demonstrated success in maintaining compliance. Strong analytical and problem-solving skills, with the ability to make sound decisions under pressure. Effective communication skills coupled with the ability to understand technology sufficiently in order to clearly communicate in simple terms for key stakeholders. Excellent interpersonal skills.