State Street · 2 weeks ago
Head of Cyber & Information Security Oversight (SVP)
State Street is one of the largest custodian banks and asset managers in the world, and they are seeking a Head of Cyber & Information Security Oversight. This role is responsible for leading the global Cybersecurity Risk Oversight function, providing strategic guidance on cyber risks, and ensuring effective risk management across the organization.
Banking · Finance · Financial Services
Responsibilities
Establish and Operate the global Cybersecurity Risk Oversight function in ETRM
Be a risk advisor and challenge function to the State Street Global CISO function and program
Establish State Street’s Cyber Risk Appetite, with corresponding policies, metrics and thresholds; report breaches, escalate exceptions and challenge risk acceptances; and provide guidance on improving the risk position to support the business
Be an acknowledged thought leader in the industry, with a strong understanding of attributes of an effective Cybersecurity program at peer organizations
Establish an analytics capability to provide cyber risk insights, leveraging AI for greater effectiveness
Develop risk reports customized to the business needs of legal entities and regions to drive risk reduction in a cost-effective way
Lead or co-Chair various senior governance forums like the Cybersecurity Risk Committee and the Vulnerability Governance Forum that manage Cybersecurity risk to State Street
Communicate and drive effective implementation of ETRM risk management policies, framework, tools, guidelines and standards across the business ensuring cyber risks are identified and managed effectively
Ensuring cyber risks and non-compliance with internal and external standards are proactively identified, prudently managed, and effectively challenged
Identifying/assessing/controlling/monitoring risks and supporting FLOD in planning/executing controls and additional compensating controls
Review and challenge the first line cyber controls assurance program and the constituent cyber processes
Provide challenge to the EVPs leading the Cyber Enterprise Processes and foster deeper and integrated FLOD/SLOD relationships and embedded, proactive risk management
Advise FLOD in prioritization of risks, risk initiatives, risk mitigation alternatives
Lead second line regulatory interaction for Cyber Risk with regulators, including the FCA/PRA, HKMA, MAS, APRA and ECB, including resolution of issues and concerns
Be a thought leader for managing emerging Cybersecurity risks to provide credible risk management guidance to the regulators
Collaborate with and support regional and Business Unit Risk Management peers in matters related to cyber and information security risks
Develop and deliver the ETRM Cybersecurity annual Book of Work (risk assessments, continuous monitoring, issues management and reporting) through the established risk leads within the team while leveraging the ETRM India GCC
Coordinate across multiple risk types in Operational Risk Management, like Data Risk, Fraud and Third-Party Risk programs. Utilize available Enterprise Risk and Operational Risk management tools (NBPRA, MRI, RCSA, KRIs, incident data, loss event data) in conjunction with other environmental changes to proactively monitor the control environment and identify and address potential weaknesses and/or gaps in a timely manner
Keep abreast of new products, services, technologies and applications as well as their respective impact on the organization’s risk profile
Qualification
Required
More than 15 years of experience in the financial services and/or technology industry
Deep Technical Experience: Hands-on Cybersecurity leader in roles as a CISO or CTRO at comparable organizations with a global footprint or at a Deputy CISO level in a G-SIB
Well versed in identifying, assessing, managing and monitoring cyber risks across several domains such as Identity and Access, Information Protection, Threat and Vulnerability Management, Cyber Incident and Response, Application security, Secure configuration, Security Architecture and Cyber Risks related to Third parties
Strong Business background: Proven capability for translating this technical understanding into business risk to be able to provide guidance to and challenge senior level IT executives
Strong Executive Presence: effectively communicate with senior executives at the EVP and C-level, the Board and with regulators globally
Demonstrate strong initiative, be able to perform well under pressure and be capable of managing multiple and diverse assignments
Strong ability to collaborate effectively
Superior communication, interpersonal, negotiation, presentation and intergroup skills are critical for success
The ability to translate technical issues into risk terms that business can understand is necessary
Being an effective mentor and coach
Ability to be a strong voice for review and challenge while continuing to maintain positive relationships with business stakeholders
An ability to be a leader within your team, as well as a leader amongst your peers
CISSP or equivalent is required
Minimum 15 years of experience in the financial and/or technology industries, with at least 5 years in executive roles as a CISO, Deputy CISO or equivalent in a G-SIB
Preferred
Experience with regulatory exams and responses is strongly desired
Advanced degree or undergraduate degree in technology / cyber discipline or equivalent
Working knowledge of industry and regulatory risk and control standards and frameworks such as FFIEC, DORA, NIST-CSF, 800-53, COBIT, CCM, and MITRE ATT&CK is expected
Benefits
Retirement savings plan (401K) with company match
Insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
Paid-time off including vacation, sick leave, short term disability, and family care responsibilities
Access to our Employee Assistance Program
Incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans)
Eligibility for certain tax advantaged savings plans
Flexible Work Programs
Development programs and educational support
Paid volunteer days
Company
State Street
State Street offers a range of financial services, including investment management, research and trading, as well as asset management.
H1B Sponsorship
State Street has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
[Chart: Trends of Total Sponsorships; 2023 (1)]
Funding
Current Stage: Public Company
Total Funding: $12.05B
2025-10-23 · Post-IPO Debt · $1B
2025-04-24 · Post-IPO Debt · $2B
2025-02-06 · Post-IPO Equity · $750M
Company data provided by crunchbase