Technology and Cyber Risk Governance, Vice President

Join to apply for the Technology and Cyber Risk Governance, Vice President role at State Street

Continue with Google Continue with Google

1 day ago Be among the first 25 applicants

Join to apply for the Technology and Cyber Risk Governance, Vice President role at State Street

Who We Are Looking For

It is an exciting time to join State Street Corporation (SSC) in the Enterprise Technology Risk Management (ETRM) organization. ETRM is responsible for thought leadership, oversight, monitoring, and advisement around the discovery and remediation of Technology Risk and Cyber Risks across the enterprise.

Who We Are Looking For

It is an exciting time to join State Street Corporation (SSC) in the Enterprise Technology Risk Management (ETRM) organization. ETRM is responsible for thought leadership, oversight, monitoring, and advisement around the discovery and remediation of Technology Risk and Cyber Risks across the enterprise.

We are looking for an seasoned Technology and Cyber Risk Governance Leader with more than 15 years’ experience in financial services and/or technology industry. The qualified candidate should be well versed in identifying, managing and monitoring technology and cyber risks through the establishment of risk management processes, frameworks, methodologies, policy setting, escalation guidelines, monitoring and reporting. The position interacts with all levels of management and senior level executives in IT viz. Head of First Line Risk and Controls, Head of First Line Controls Design, Head of First Line Controls Assurance, Second Line Enterprise Risk Governance Team and Second Line Operational Risk Management Team. Therefore, exceptional interpersonal and communication skills are required. Candidates must demonstrate strong initiative, be able to perform well under pressure and be capable of managing multiple and diverse assignments.

The successful candidate will report in to the Global Head of Technology and Cyber Risk Governance, who reports directly into the Global Head of Technology and Cyber Risk. The role will establish and operationalize foundational governance program, assisted by a team of ETRM Risk professionals in alignment with the broader Enterprise Risk Management and Operational Risk Management Programs and mandates. This role will require periodic communications with internal audit and regulators in the financial services domain and therefore, prior experience with regulators is strongly desired. Experience with Cyber and Information Security, Cloud Risk Management (AWS, Azure), Enterprise Architecture, Technology and Operational Resilience is a plus.

Why this role is important to us

ETRM plays an important role in the overall success of the organization and our mission is to establish a world class Technology and Cyber Risk Management Oversight program that aligns business and technology strategies to enable effective decision making. The organization is going through large transformations and risk reduction initiatives and you will establish and operationalize standardized and structured governance aspects to support prudent decision making and timely escalation of risks. This position will also include providing thought leadership and support to both your peers in ETRM and your stakeholders in the business and corporate areas. You will need to periodically participate in meetings with our key regulators and provide support and advise to your stakeholders during regulatory exams and regulatory finding validations.

What You Will Be Responsible For

Your mission is to act as the ETRM advisor to the IT organization and first line of defense (FLOD) control function on matters relating to the IT risk posture of State Street as benchmarked against applicable laws and regulations, rules, standards and best practices. More specifically, you will be:

• Ensuring technology and cyber risks and non-compliance with internal and external standards are proactively identified, prudently managed, and effectively challenged
• Maintain the Technology Risk Policy and lead its integration into the broader enterprise risk and operational risk policies
• Support the definition of technology and cyber risk appetite statements, measurement through metrics and reporting thereof
• Enhance the design of ETRM’s second line risk opinion, in close conjunction with ERM, ORM and ETRM global and regional leads and support the Analytics lead in the generation and reporting to various risk governance forums on a monthly basis
• Participating in various risk governance forums and executing real time oversight and challenge
• Facilitate in the adoption of the Enterprise Technology Risk Framework for technology and cyber processes
• Monitoring technology risk appetite, reporting breaches, escalating exceptions and challenging risk acceptances
• Facilitate the execution of the quarterly Material Risk Identification Program across the bank for Technology and Cyber Risks in conjunction with Enterprise Risk Management
• Coordinate across various First line and ETRM leads on the execution and challenge of Risk Control Self Assessments
• Communicate and drive effective implementation of ETRM risk management policies, framework, tools, guidelines and standards internally within ETRM and across the business ensuring technology risks are identified and managed effectively.
• Provide strategic leadership, vision and on-going support to the First line of Defense (FLOD) and IT leaders regarding information technology and cyber risk governance best practices and trends
• Advise IT and FLOD in prioritization of risks, risk initiatives, risk mitigation alternatives
• Review and appropriately challenge risk decisions, direction, and initiatives under taken by the FLOD providing an independent voice to the risk management process
• Provide support and advise to ETRM and your stakeholders for regulatory exams and regulatory findings
• Collaborate with and support regional (APAC and EMEA ETRM) peers in matters related to technology risks
• Deliver assigned ETRM services annual book of work (risk assessments, continuous monitoring, issues management, reporting etc) through the established risk leads within the team and engaging the ETRM India Service Center of Excellence
• Keep abreast of new products, services, technologies and applications as well as their respective impact on the organization’s risk profile and associated governance mechanisms
• Serve as a subject matter expert in technology and cyber risk governance, controls, compliance, best practices
  
  
  

What We Value

These skills will help you succeed in this role

• Collaborative
• Ability to influence, obtain buy in and drive implementation of decisions
• Strategic mindset linking multiple aspects and initiatives to drive a wholistic view of the risk and control environment
• Excellent Communication skills
• Leading and developing teams
• Being an effective mentor and coach
• Ability to be a strong voice for review and challenge while continuing to maintain positive relationships with business stakeholders
• An ability to be a leader within their team, as well as be a leader amongst your peers
  
  
  

Education & Preferred Qualifications

• Minimum 15 years of experience in the financial, and or technology industries
• This position requires interacting with “C” level suite, so superior communication, interpersonal, negotiation, presentation and intergroup skills are critical for success
• Ability to translate technical issues into risk terms that business can understand is absolutely necessary
• Experience with regulatory exams and responses is strongly desired
• Advanced degree or undergraduate in technology disciple or equivalent
• Thought leadership around technology and cyber risk governance, policy, frameworks and appetite is a must
• Experience in risk management, compliance or audit, including but not limited to experience in design & implementation of control frameworks is desired
• CRISC, CISSP, TOGAF, CCSK is appreciated but not mandatory
• Working knowledge of industry and regulatory risk and control standards and frameworks - FFIEC, DORA, NIST-CSF, 800-53, COBIT, CCM etc is expected
  
  
  

Are you the right candidate? Yes!

We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring with them. Although each vacancy details what we are looking for, we don’t necessarily need you to fulfil all of them when applying. If you like change and innovation, seek to see the bigger picture, make data driven decisions and are a good team player, you could be a great fit.

Salary Range

$140.000 - $222.500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Job Application Disclosure

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Job ID: R-774321

• Seniority level
  Not Applicable

• Employment type
  Full-time

• Job function
  Finance and Sales
• Industries
  Financial Services, Investment Banking, and Investment Management

Referrals increase your chances of interviewing at State Street by 2x

Get notified about new Vice President of Risk jobs in Boston, MA.

Boston, MA
$175,000.00
-
$185,000.00
2 days ago

Boston, MA
$120,000.00
-
$205,000.00
1 day ago

Wellesley, MA
$210,000.00
-
$350,000.00
2 weeks ago

Boston, MA $124,000 - $262,000 9 hours ago

Boston, MA $115,000 - $190,000 1 month ago

Boston, MA $225,000 - $337,500 4 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.