Head of Operational Resilience Management
Listed on 2026-06-06
IT/Tech
Cybersecurity, IT Project Manager, IT Consultant, Information Security
The Head of Operational Resilience Management will be responsible for developing, implementing, and overseeing the bank’s strategy to ensure resilience against operational disruptions, cyber threats, and systemic risks. This leadership role will guide enterprise‑wide resiliency initiatives, align with regulatory expectations, and collaborate closely with technology, risk management, compliance, and business teams to enhance incident response and operational integrity in a highly regulated financial environment.
Salary Range
$200,000 – $250,000
Key Responsibilities
• Implement a comprehensive operational and cyber‑resiliency strategy aligned with regulatory requirements and industry standards.
• Define resilience objectives, key risk indicators (KRIs), KPIs, and key control indicators (KCIs) to measure program effectiveness.
• Embed resilience principles into business and technology processes and stay ahead of emerging risks and regulatory changes.
• Oversee the incident management framework, ensuring rapid response and recovery from security and technology incidents.
• Lead tabletop exercises and simulations to test cyber incident response and business recovery capabilities.
• Coordinate with internal and external stakeholders during cyber events and ensure integration of cyber resilience into enterprise risk management.
• Develop and maintain enterprise‑wide BC/DR plans, conduct regular testing, audits, and training to validate effectiveness.
• Work with technology teams to meet recovery time objectives (RTOs) and recovery point objectives (RPOs) for critical systems.
• Establish alternative operational processes to mitigate disruptions during system failures or cyber events.
• Ensure compliance with relevant regulatory frameworks (e.g., FFIEC, OCC, Basel, DORA). Serve as liaison with regulators and auditors.
• Develop governance frameworks, policies, and procedures to enforce resilience‑related mandates.
• Promote a culture of compliance and resilience awareness across the organization.
• Assess and mitigate risks from third‑party vendors; implement due diligence processes, resilience testing, and contractual recovery requirements.
• Develop contingency strategies and robust exit plans for key service providers.
• Integrate resilience considerations into vendor selection and onboarding.
• Create an operational risk and threat intelligence program to identify vulnerabilities and emerging threats.
• Integrate threat intelligence into resilience planning, monitor trend indicators, and implement continuous improvement.
• Lead a cross‑functional resiliency team and collaborate with IT, risk management, compliance, and business units.
• Brief executives on resilience posture, key risks, and strategic initiatives.
• Advocate for investments and resource allocation to support critical resilience initiatives.
- Education: Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, or related field. MBA or MS preferred.
- Certifications: CISSP, CISM, GIAC strongly preferred.
- Experience: Minimum 10+ years in information security or related field; at least 3 years in a senior leadership role within banking or financial services.
- Incident Management – analyze, prioritize, and manage security incidents effectively.
- Strategic Thinking – align cyber risk initiatives with business objectives.
- Communication & Documentation – maintain thorough documentation and clear communication of security operations.
- Leadership & Team Management – build and lead high‑performing teams.
- Regulatory Compliance – navigate banking regulations proficiently.
- Industry Thought Leadership – recognized subject‑matter expert in cybersecurity or risk management.
- Knowledge of vulnerability scanning, threat intelligence tools, and information security technologies.
- Experience with security investigations and leading incident response.
- Familiarity with NIST Cybersecurity Framework and related industry frameworks.
- Proficiency in drafting and enforcing policies, procedures, and playbooks.
America, United States Of America
Languages
Proficiency in English (both written and verbal)
All our jobs are open to people with disabilities. We welcome applications from candidates of all backgrounds and experiences.