
Regulatory Affairs - IT and Cybersecurity Lead

Natixis
Full-time
On-site
New York, New York, United States
$200,000 - $280,000 USD yearly
Description

The Regulatory Affairs - IT and Cybersecurity Lead will advise Natixis’ Combined U.S. Operations (“CUSO”) on IT, cybersecurity, and technology risk management issues. This role involves developing materials for and participating in interactions with regulators (both during examinations and in ongoing monitoring meetings), leading preparation efforts for examinations, and recommending enhancements so that internal policies, procedures, and documentation follow best practices. The position requires liaising with stakeholders across all three lines of defense, particularly the Natixis CIB Americas CIO and CISO, and the IT and Technology Risk Management departments.

Essential Duties and Responsibilities

He/she/they will:

  • Support regulatory interactions for the first and second lines of defense on IT, cybersecurity, and technology risk management topics, including leading preparations for various examinations conducted by Federal and State regulators.
  • Advise and assist relevant IT and Technology Risk Management teams in addressing any IT and cybersecurity issues identified during regulatory exams or through other channels.
  • Act as a Regulatory Affairs representative to coordinate responses to regulatory examinations and related internal reviews that involve IT, cybersecurity, or information security elements.
  • Collaborate with the Regulatory Affairs Project Management team on remediation and implementation projects, working with first-line and support/control groups to enhance processes and controls in compliance with best practices and regulatory guidance.
  • Analyze changes in the regulatory environment alongside the Regulatory Affairs Advocacy team, assess their impact on business, control, and risk frameworks, and provide solutions for implementing necessary changes in collaboration with business and support/control functions.
  • Advise stakeholders across the organization on the planning and delivery of strategic or regulatory compliance-related projects, ensuring adherence to regulatory requirements and best practices in the firm’s IT and cybersecurity risk management processes.
  • Provide guidance on IT and cybersecurity risk frameworks and policies, assisting with the interpretation and implementation of regulatory guidance (both new and existing), standards, and best practices, along with potential initiatives related to IT, information security, cybersecurity, and vendor risk management.
  • Coordinate with Natixis’ Head Office teams as necessary on developing and implementing IT, information security, and cybersecurity policies, procedures, and standards, as well as critical regulatory examinations, interactions, or remediation efforts.
  • Offer advisory support as needed for IT and Technology Risk Management documentation, procedures, and other requirements to ensure compliance with various policies and regulatory guidance.
  • Support the activities of the Regulatory Affairs Department by developing materials, presentations, policies, and procedures, and assisting with examinations or continuous monitoring activities for other risk disciplines beyond IT and cybersecurity, as needed.

The salary range for this position will be between $200,000 and $280,000. Natixis is required by law to include a reasonable estimate of the compensation range for this role. Actual base salary will vary and will be based on several factors including, but not limited to, relevant experience, education, skill set, applicable licensure and certifications, and other business and organizational needs. Base salary is only one component of our total rewards package. Natixis also offers a generous benefits package, and you may be eligible for a discretionary incentive award depending on company and individual performance.