Head of IT Security, Controls & Technology Risk (LoD1) - Executive Director jobs in United States

Natixis Corporate & Investment Banking · 3 weeks ago

Head of IT Security, Controls & Technology Risk (LoD1) - Executive Director

Natixis Corporate & Investment Banking is seeking a highly skilled and experienced Head of IT Security, Controls & Technology Risk who will lead a critical team within their IT department. This role involves overseeing IT Security, Controls, Change Management, Incident Management, Disaster Recovery Planning, and Remediation functions, ensuring a robust Technology Risk posture that aligns with company and regulatory standards.

Financial Services
H1B Sponsor Likely

Responsibilities

Ensure adherence to policies, standards, and controls across the different IT taxonomies
Address exceptions and align security risks with the organization's risk management framework, in accordance with BPCE Group/Natixis CIB strategy, industry best practices (e.g., NIST, SOC2, ISO), and regulatory compliance requirements (e.g., NY DFS Part 500, FFIEC)
Regularly assess the effectiveness of AMER IT's LoD1 controls to ensure they are well-designed and operational, thereby mitigating risks and maintaining compliance with regulations
Present findings to the board and regulatory bodies, serving as the primary point of contact for auditor inquiries
Oversee the implementation of comprehensive remediation actions to effectively address identified security gaps
Collaborate with the AMER Regulatory Affairs department and Head Office partners (BPCE Group and Natixis) to plan and prioritize AMER IT Controls, Disaster Recovery Planning (DRP), and Security projects and initiatives
Track progress and report deliverables to senior management
Coordinate IT changes within AMER IT teams while overseeing the incident response process
Ensure timely identification, investigation, and remediation of security incidents
Work closely with the Second Line of Defense (Operational Risk, CISO–Technology Risk Management) for escalation, impact assessment, reporting, and follow-up on remediation actions
Lead the IT incident response process, including investigation, containment, eradication, recovery, and post-incident analysis to minimize the impact of IT breaches
Manage repositories of evidence and artifacts necessary for audits and regulatory compliance
Provide metrics and outcome-based performance indicators to assess risk management and remediation activities
Lead, mentor, and develop a team of security professionals and IT engineers
Foster their understanding of security gaps, encourage the evaluation of treatment options, and support the implementation of remediation strategies across your reporting scope and within AMER IT

Qualification

Cybersecurity, IT Controls, Security Frameworks, Incident Response, Vulnerability Management, Regulatory Compliance, GRC Tools, Analytical Skills, Cloud Security, Professional Development, Communication Skills, Team Leadership, Problem-Solving Skills, Project Management, Attention to Detail

Required

Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field
Strong experience in Cybersecurity and IT Controls, with significant experience in a senior or managerial role focused on security remediation, vulnerability management, and incident response
Deep understanding of security controls, their effectiveness, and alignment with security policies, standards, and best practices
Expertise in security frameworks (e.g., NIST CSF, ISO 27001, SOC 1, 2) and security risk management principles
Strong knowledge of FFIEC and NY DFS regulation and implementation
Experience with GRC tools and best practices, preferably RSA Archer
Strong analytical and problem-solving skills, with attention to detail and accuracy
Excellent verbal and written communication skills, with the ability to convey complex technical information to diverse audiences
Ability to work effectively and decisively in dynamic and ambiguous situations
Ability to manage testing projects, track progress, and meet deadlines
Commitment to professional development and staying updated on emerging security threats and technologies

Preferred

A Master's degree is preferred
Relevant certifications such as CRISC, CISM, CISA, CISSP, or similar advanced security certifications are highly desirable
Knowledge of cloud security and securing hybrid IT environments is a plus

Benefits

Generous benefits package
Discretionary incentive award depending on company and individual performance

Company

Natixis Corporate & Investment Banking

Natixis Corporate & Investment Banking is a financial institution that offers banking, finance and capital markets services.

H1B Sponsorship

Natixis Corporate & Investment Banking has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is provided below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (4)
2024 (7)
2023 (2)
2022 (5)
2021 (1)
2020 (2)

Funding

Current Stage
Late Stage
Total Funding
$28.34M
2024-07-15: Debt Financing · $28.34M

Leadership Team

Morin Stephane
Deputy CEO
Olivier Delay
Americas CEO
Company data provided by crunchbase