Security Compliance Officer

Security Compliance Officer page is loaded

Apply locations: Toronto, Ontario | Time type: Full time | Posted on: Posted 6 Days Ago | End Date: June 30, 2025 (30+ days left to apply) | Job requisition id: R-772437

Charles River Development (CRD) is the FinTech division of State Street. Together with State Street’s Middle and Back-office services, Charles River’s cloud-based Front Office technology forms the foundation of the State Street Alpha Platform, the industry’s first front-to-back solution.

CRD has experienced over 135% growth in headcount in the last 5 years and continues to expand. As a digital innovation leader, we invest in our solutions, processes, systems, and talent.

The CRD / Alpha Platform Engineering team is transforming the platform by adopting next-generation cloud-based technologies such as Microsoft Azure, Kafka, Snowflake, and more.

As a Security Compliance Officer based in North America, you will play a vital role in supporting application security to ensure risk management controls are identified, documented, communicated, and implemented across products. You will collaborate with security teams like Security Architecture and Security Engineering, gaining insights into secure application development and design. Your efforts will help enhance our Secure SDLC processes and introduce innovative solutions to improve our security practices.

• Respond to queries and participate in discussions with security and risk teams during NAM hours.
• Support internal and external audits, including regulatory compliance reviews.
• Maintain and update SSDLC Procedures to align with enterprise policies and standards.
• Track issues and findings, ensuring timely remediation.
• Coordinate with risk management and security teams to implement process changes.
• Identify improvements in risk reporting and operational efficiency.
• Perform periodic control testing and evidence collection to meet risk objectives.
• Collaborate with CRD Engineers to promote vulnerability management awareness.
• Develop processes for managing third-party library usage in products.

• B.S. degree (or equivalent) in Computer Science, Engineering, Mathematics, Physics, or related technical field.

• Experience in risk management and application security roles.
• Strong knowledge of Secure Software Development Lifecycle (SSDLC).
• Understanding of industry standards and regulations such as NIST 800-53, DORA, GDPR, CCPA is desirable.
• Certifications like ISO 27001 Lead Auditor, CISA, SSCP, CISSP are advantageous.
• Excellent written and verbal communication skills.
• Strong analytical and problem-solving abilities.

State Street is a leading custodian bank, asset manager, and asset intelligence company, serving clients worldwide for over two centuries. We offer investment servicing, data & analytics, research & trading, and investment management services.

We strive to create a supportive work environment with competitive benefits, flexible work programs, and development opportunities.

Our commitment to diversity and social responsibility fosters an inclusive environment where everyone can thrive. We value diverse backgrounds and perspectives and actively engage with communities globally. We are an equal opportunity employer.