Job Description

General information

Entity

About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)

Crédit Agricole CIB is the corporate and investment bank of the Crédit Agricole group, the 10th largest banking group in the world *.

We support major companies and financial institutions in their development and the financing of their projects.

As pioneers in responsible finance, social and environmental commitments are at the heart of our activities.

Joining our teams means working in a multicultural environment, both dynamic and stimulating, where you will contribute to developing a sustainable economy.

We support employees throughout their journey: you will develop your skills and access various mobility opportunities among the diversity of our businesses in more than 30 international locations.

Our culture is built on collaboration, innovation and openness, where everyone is valued and empowered.

By working every day in the interest of society, Crédit Agricole CIB aligns with the Group values committed to diversity and inclusion and placing people at the heart of all its transformations.

All our jobs are open to people with disabilities. We welcome applications from candidates of all backgrounds and experiences.

Ready to take part in our mission ?

*By balance sheet size - The Banker, Juillet 2025

Reference

2025-105619

Update date

29/04/2026

Business type

Types of Jobs - IT, Digital et Data

Job title

Cybersecurity Incident Response Team Lead – Vice President

Contract type

Permanent Contract

Job summary

The Cybersecurity Incident Response Team Lead is a leadership role responsible for leading and enhancing the bank’s Security Operations strategy. The Cybersecurity Incident Response Lead will oversee the incident response and threat intelligence programs to safeguard critical assets and data. The ideal candidate will combine technical expertise, operational efficiency, and a strategic mindset to mitigate risks and ensure compliance with regulatory requirements. This role requires exceptional leadership, technical skills, and communication skills to drive cross-functional collaboration and instill a culture of security across the organization.

Key Responsibilities

• Strategic Leadership
  • Develop and execute a comprehensive security operations strategy aligned with the bank's risk appetite and business objectives.
    Provide thought leadership on emerging cyber risks and recommend proactive measures to mitigate them.
    Serve as a trusted advisor to executive leadership, management committees, and the board on cyber risk issues.
  • Define, maintain, and report operational metrics to evaluate Security Operations program performance, effectiveness, and adherence with organizational and regulatory requirements.
• Incident Response and Crisis Management
  • Direct and manage Americas Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats.
  • Lead the development and execution of the bank’s incident response plan and associated playbooks
  • Coordinate responses to security incidents, ensuring minimal impact and quick recovery.
  • Establish and maintain a threat intelligence program to proactively identify and respond to emerging threats.
• Process and Technology Optimization
  • Evaluate, implement, and optimize security processes and technologies to enhance detection and response capabilities.
  • Collaborate with IT and engineering teams to integrate security into systems and processes.
  • Stay updated on emerging technologies and recommend solutions to address evolving threats.
• Regulatory Compliance and Audit Readiness
  • Ensure adherence to cyber risk management regulations, including FFIEC and other applicable laws.
    Represent the bank during regulatory examinations, audits, and executive presentations on cyber risk topics.
    Maintain thorough documentation to demonstrate adherence to policies and standards.
• Team Leadership and Development
  • Build and mentor a high-performing security operations team.
  • Provide training and development opportunities to ensure team members stay current in the field.
  • Foster a culture of accountability, collaboration, and continuous improvement

Salary Range: $150k-$185k

#LI-DNI

Supplementary Information

Core Competencies

• Ability to work at both a strategic and tactical level, focusing on the broader picture while driving execution.
• Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision.
• Awareness of latest Information Security risks.
• Comfort working in a highly global, diverse, and hybrid (office and virtual) work environment.
• Strong technology, information security, and investigation skills.
• Strong communication and documentation skills.
• Knowledge of business, regulatory, and compliance requirements in the financial services industry

Position location

Geographical area

America, United States Of America

City

NEW YORK

Candidate criteria

Minimal education level

Bachelor Degree / BSc Degree or equivalent

Academic qualification / Speciality

Education Essential: Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, or a related field.

Education Desirable:

• Advanced degree (MBA, MS) is strongly preferred.
• Relevant industry certifications (CISSP, CISM, GIAC) are strongly preferred.

Level of minimal experience

11 years and more

Experience

Experience Essential: Minimum 10+ years of experience in information security or related field.

Experience Desirable: At least 3 years of experience in a senior leadership role within the banking or financial services industry.

Required skills

Competencies Essential:

• Incident Management: Ability to analyze, prioritize, and manage security incidents effectively.

• Strategic Thinking: Ability to align cyber risk initiatives with business objectives

• Communication and Documentation: Strong ensure thorough documentation and clear communications over security operations activities.

• Leadership and Team Management: Proven track record of building and leading high performing teams

• Regulatory Compliance: Expertise in navigating banking regulations

Competencies Desirable:

• Industry Thought Leadership: Recognized as a subject matter expert in the cybersecurity or risk management space

Technical skills required

Skills & Knowledge Essential:

• Technical Knowledge: Strong knowledge with information security technologies such as SIEM, SOAR, EDR, NDR, etc.

• Investigations: Strong knowledge with leading security investigations.

• Cybersecurity Frameworks: Deep understanding of frameworks such as NIST Cybersecurity Framework

• Policy and Procedure Development: Proficiency in drafting and enforcing policies, procedures, and playbooks.

Languages

English