Skip to content
Enterprise Technology Risk Management – Assistant Vice President
| Company | State Street |
|---|
| Location | Quincy, MA, USA |
|---|
| Salary | $80000 – $132500 |
|---|
| Type | Full-Time |
|---|
| Degrees | Bachelor’s |
|---|
| Experience Level | Senior |
|---|
Requirements
- Strong understanding of cyber and information security risk, with a particular emphasis on Data Leakage Protection (DLP), insider threats, encryption, and regulatory compliance
- 5+ years of experience with IT risk, audit or technology operations
- Bachelor’s degree in Computer Science/Information Systems, Risk Management or a related field, or equivalent experience
- Proficient in Microsoft Office suite including data analytics in Excel and/or Access
- Experience with IT GRC platforms (Archer), data governance tools
- Strong understanding of control frameworks
Responsibilities
- Engage with First Line technology activities and lead technology and cyber risk assessments
- Identify gaps across the technology and cyber process taxonomy inclusive of policies, standards, processes, and controls
- Identify, document, communicate and identify ownership of gaps and risks
- Monitor gap remediations to closure, including advisory items
- Review and assess KRI metrics for appropriate coverage and validity
- Document and follow-through till closure of real time review and challenge executed in risk committees
- Validate assigned regulatory findings, select first line self-identified issues
- Identify efficiencies and strengthen the process and control environment
- Support control assurance to include design and operating effectiveness
- Assist in driving maturity of assurance practices through training, mentoring and collaborating
- Provide transparency into work progress through regular status updates
- Lead junior staff in designated risk management and compliance projects
- Learn new and complex environments, processes, and technologies
- Stay abreast of industry developments including but not limited to changes in regulations
- Coordinate or lead various ad-hoc requests, projects
- Develop overall technology / product / business unit knowledge of State Street Corporation
Preferred Qualifications
- Professional designation a plus (e.g. CISA, CISM, CISSP, CRISC)
- Experience with supporting various Security Architectures, Cloud environments (AWS, Azure, GCP, OCI), Cybersecurity tools, Information Protection methodologies
- Knowledge of IT frameworks such as NIST, ISO, COBIT, ITIL a plus
- Familiarity in Information Security Frameworks including the ISO 27000 family, NIST, Cloud CCM
- A strong understanding of Technology and Cyber Risk Management to influence leaders on the need to embrace risk reduction initiatives and controls
