BNP Paribas
Jersey City, NJ
About the job
Business Overview:
The Americas Head of Information Security is responsible for all aspects of information security and cyber security risks within the first line of defense (1LoD) in the Americas region for BNP Paribas within the Corporate & Institutional Banking and Asset Management perimeter. The Americas Head of Information Security is the Head of the Information Security Department and reports to AMER CIB ITO CCCO & AMER CISO.
The AMER CIB ITO CCCO & AMER CISO is responsible for building momentum and continue to strengthen and enhance the cybersecurity posture of the Americas platform. As Americas CISO, the Managing Director is responsible for defining the cybersecurity strategy as well as for leading and driving the Technology & Information Security Risk Management for the Americas region, while ensuring alignment with Group and CIB strategy. As CIB Americas ITO CCCO, the Managing Directors responsibilities include: managing CIB Americas Information Security, Operational Resilience, IT & Cyber Governance Risk & Control (GRC) and ITO Operational & Permanent Control (OPC), Regulatory Controls, Records Management, Corporate & Physical Security and Business & IT Continuity. He will represent the Bank within these areas with the BNP Paribas USA Board, the US regulators and industry peers. Together with the Head of ITO Americas, the AMER CIB ITO CCCO & AMER CISO will continue to support the transformation and industrialization of the IT & Operations controls, conduct, and oversight framework.
Candidate Success Factors:
Candidates are measured on the following four performance drivers, which will dictate how individual impact is considered on the Americas platform:
• Results and Impact
• Able to influence peers and team.
• Demonstrates good judgement when making decisions of high complexity and impact.
• Exercise appropriate autonomy in the execution and delivery of work.
• Responsible for driving outcomes, which have meaningful effect on team or department.
• Leadership and Collaboration:
• Creates trust with colleagues.
• Acts in leadership capacity for projects, processes, or programs.
• Client, Customer and Stakeholder Focus:
• Able to build relationships with a mix of colleagues and clients.
• Interacts regularly with management and department leaders.
• Demonstrates the ability to influence stakeholders at the team level.
• Compliance Culture and Conduct:
• Takes full responsibility for personal actions and demonstrates courage in facing problems and conflicts.
• Perceived as a person of high moral character; upholds corporate values and displays high ethical standards.
Responsibilities:
The Americas Head of Information Security:
• Develops and maintains an Information Security Strategy for the Americas region, in alignment with local regulatory requirements and Group / Global expectations.
• Provides regular updates to the Americas Board and/or other appropriate Board Committee on progress against the Information Security Strategy and key messages related to the department.
• Provides strategic direction for Information Security department staff, in alignment with the Strategy and manages the Information Security Executive Committee encompassing:
Identity Access Management, Cyber Defense Center, Application & Third-Party Security, Data Security, Cyber Transformation, as well as responsibilities for the Canada, SAR & Mexico Information Security Teams.
• Establishes and maintain strong working relationship with peers across the Group and Global organizations.
• Leads discussions and examinations on Information Security with Americas regulatory agencies.
• Ensure regulatory, management and head-office requirements are integrated in the Information Security budget exercise.
• Champions efforts to achieve compliance against applicable regulatory and Group cyber requirements.
• Develops local policies, standards, processes, plans and guidelines as needed in compliance with laws and regulations and align with information security objectives for the Bank.
• Oversees the implementation of controls and processes in the Information Security and other relevant departments, in order to protect the bank against ongoing information security threats.
• Organizes and leads the Americas Cyber Steering Committee, the US Cyber Steering Committee, WHC/CIB Americas DLP Operating Committee, CIB Americas Cyber Operating Committee. Leads
and contributes to the Information Security & IT Production Security Resource Forum.
• Oversees the Information Security Awareness Training Plan.
• Coordinates with others to help ensure the resilience of critical information assets and systems.
• Ability to assess and forecast talent requirements to meet organizational objectives.
• Understands the budget process.
• Assesses control gaps and recommends remediation which may include implementation of compensating controls.
• Reports and tracks actions to address and/or mitigate open risks.
• Deliver KPI and KRIs to provide transparent reporting on risks to RISK and other colleagues.
• Participate in prep of table-top exercises related to information security.
• Maintaining a relationship of trust with the business and provide clear transparency into costs.
• Represent the Information Security Department in interactions with key business clients.
Minimum Required Qualifications:
Successful candidates for this position must be able to:
• At least 15 years of relevant industry experience with a main focus within the Information Security space
• Bachelor’s degree from accredited university, Information Technology, Computer Science or Engineering.
• Manage a dedicated team of Information Security professionals.
• Demonstrate expertise in the Information Security field.
• Positively and constructively influence others.
• Communicate clearly and effectively to executive management and regulatory examiners.
• Evaluate and recommend suitable investments in Information Security with regard to specified requirements.
• Lead by example, develop and maintain team spirit, share information transparently, and promote initiative and innovation.
• Demonstrate knowledge of the financial services industry.
• Ability to work across departments to implement the Banks’ privacy principles and programs.
Preferred Qualifications:
• ISC2 Certified Information Systems Security Professional (CISSP) or
• ISACA Certified Information Security Manager (CISM) or
• ISACA Certified Information Systems Auditor (CISA)
FINRA Registrations Required:
• Not Applicable
CFTC Swap Dealer Associated Person (if yes, NFA Swaps Proficiency Program is required):
• Not Applicable
SEC Security-Based Swap Dealer Associated Person:
• Not Applicable
While the description above describes our ideal candidate, we encourage applicants to apply even if they do not fully meet the complete list of qualifications noted.
The expected starting salary range for this position is between $290,000 to $350,000 annually. The actual salary may vary based upon several factors including, but not limited to, relevant skills/experience, time in role, base salary of internal peers, prior performance, business line, and geographic/office location.
In addition, our comprehensive benefits package aims to support our employees in various aspects of their lives. From healthcare and wellness programs to retirement plans and childcare services, we prioritize the well-being and growth of our employees. Our benefits include medical, dental and vision coverage, a 401(k) Savings Plan, backup childcare, life, accident and disability insurance, mental health support and paid time off. Additional details about our benefits offerings, inclusive of eligibility for a discretionary bonus, will be provided during the hiring process.
Apply Online
07-Mar-2025