Third Party Cyber Risk Management Senior Security Analyst

3 weeks ago

Quincy MA United States State Street Corporation Full time
Who we are looking for
State Street's Global Cyber Security (GCS) Third Party Cyber Risk Management (TPCRM) program seeks to mitigate a variety of third-party information security risk in accordance with the Bank's cyber risk appetite. Through a framework that addresses policy, process, operations, people, and technology, GCS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable global regulations and laws.
About the Role
State Street's TPCRM organization is seeking a Senior Analyst (Individual Contributor) in the area of Cyber Security for the Third Party Cyber Security Assessments team. The role activities include assessing, verifying, and reporting on the effectiveness of information/cyber security related safeguards of a third party's corporate information security program.

What you will be responsible for
  • To thoroughly perform cyber/information security assessments of third party service providers' enterprise using State Street's risk management framework and cybersecurity assessment methods for vendors of varying sizes and complexities.
  • Review/analyze third party attestation and certification artifacts (SOC2, SIG, NIST, ISO 27001/2 Certifications, etc.) shared by third parties to identify the information security risks
  • Document assessment results consistent with State Street's TPCRM, Issue Management and Enterprise Risk Management standards
  • Provide subject matter expertise in the Third Party information security program and provide timely recommendations to identified problems

What we value
These skills will help you succeed in this role
  • 5+ years of experience working in Cyber/Information Security Governance Risk and Compliance role
  • 3+ years of experience performing Third Party Cyber/Information Security Assessment or Cyber Security Assessments
  • Knowledge of security and risk management frameworks as well as and regulations such as ISO 27001/27002, NIST, FRB/OCC Third Party Risk Management Guidelines, FFIEC Security Handbook, GDPR, DORA, etc.
  • Superior attention to detail with excellent written and both verbal communication and presentation skills
  • Expertise in writing technical and risk management reports.

Education & Preferred Qualifications
  • Bachelor's and/or Master's degree in Cybersecurity, Law, Privacy, Enterprise or Operational Risk Management preferred
  • Demonstrated critical thinking and analytical skills. Ability to unwind complex cyber/information security issues for a variety of technical and non-technical audiences
  • Strong understanding of information security domains and possesses a well-rounded security and risk management background

Are you the right candidate? Yes
We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring with them. Although each vacancy details what we are looking for, we don't necessarily need you to fulfil all of them when applying. If you like change and innovation, seek to see the bigger picture, make data driven decisions and are a good team player, you could be a great fit.
Why this role is important to us
Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We're driving the company's digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.

We offer a collaborative environment where technology skills and innovation are valued in a global organization. We're looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.

Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.

About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance and savings plans, among other perks. You'll have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employees' diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.

Salary Range:
$100,000 - $160,000 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

  • VP/Third Party Cyber Security Assessment Operations Leader

    3 weeks ago

    Quincy, MA, United States State Street Corporation Full time

    TPCRM VP Role State Street is seeking an operations leader for our Third-Party Cyber Risk Management Program. The VP of Third-Party Cyber Risk Management Assessment Operations will be responsible for providing leadership in the effective and efficient operations pertaining to the bank's global third-party cyber risk management program, engaging with partners...

  • Risk Management Analyst, Senior

    4 days ago

    United States of America Blackbaud Full time

    The Risk Management Analyst will work within the Operational Risk Management team with responsibilities to support the ongoing execution of Business Continuity Management (BCM) and Third-Party Risk Management (TPRM) program operations. The Risk Management Analyst will help to understand, formalize, and act upon Information Technology risk management...

  • Cyber Security Operations Center

    3 weeks ago

    Quincy, MA, United States State Street Corporation Full time

    State Street seeks to recruit a SOC Manager for its Cyber Defense Center. The SOC Manager will help lead the triage, analysis and response to cyber-attacks. Join us in evolving our response capabilities to protect State Street, its customers and partners from ever-evolving and sophisticated threat actors. State Streets Cyber Fusion Center is responsible for...

  • Sr. Analyst, 3rd Party Risk Management

    7 days ago

    N/A, N/A, United States ManpowerGroup Talent Solutions RPO Full time

    ManpowerGroup Talent Solutions is looking for a Senior Analyst, 3rd Party Risk Management. This exciting new opportunity is a long-term/no end date W2 Contract position. This is a fully remote position but candidates must be willing to work 8am-5pm Pacific Time Zone. Candidates may reside anywhere in the US as long as they agree to the schedule/hours. In...

  • Early Career Cyber Security Operations Center

    3 weeks ago

    Quincy, MA, United States State Street Corporation Full time

    Who are we looking for: State Street seeks to recruit an Early Career Cyber Security Operations Center (SOC) analyst that will assist in the detection, triage, analysis and response to cyber-attacks. The analyst will join our SOC team which will run a 24/7 coverage, 365 days a year model, with a partner team in Ireland. The SOC team is responsible for...

  • Lead Cyber Security Operations Center

    2 weeks ago

    Quincy, MA, United States State Street Corporation Full time

    Who are we looking for: State Street seeks to recruit an Lead Cyber Security Operations Center (SOC) analyst that will assist in the detection, triage, analysis and response to cyber-attacks. The analyst will join our SOC team which will run a 24/7 coverage, 365 days a year model, with a partner team in Ireland. The SOC team is responsible for analyzing...

  • Sr. Director, Third Party Compliance Oversight

    20 hours ago

    Boston, MA, United States Commonwealth Care Alliance Inc. Full time

    Sr. Director, Third Party Compliance Oversight #24-357 {{jcity}}{{jstate}} Legal & Compliance Why This Role is Important to Us The Senior Director, Third Party Compliance Oversight reports directly to the SVP, Corporate Compliance & Ethics and Risk Operations, and leads the Third-Party Compliance Oversight department for Commonwealth Care Alliance...

  • Procurement Risk Manager

    2 weeks ago

    Worcester, MA, United States MassMutual Full time

    Risk Manager, Procurement Shared ServicesFull-Time,Boston, MA or Springfield, MAThe OpportunityAs a Procurement Risk Manager, we need your experience and leadership to partner closely with teams in the MassMutual’s Procurement Organization and cross-functional stakeholders to manage third party risk in the first line of defense.  The core function of...

  • Senior Risk Manager

    4 weeks ago

    Quincy, United States The Newburgh Group Full time

    The Senior Risk Officeroperates as a key leadership role in the company by guiding risk management functions. They are responsible for overseeing compliance and CRA, information security, fraud protection, and risk management. This role requires a highly skilled professional with a deep understanding of the financial services industry and the ability to...

  • Procurement Risk Manager

    1 week ago

    Worcester, MA, United States MassMutual Full time

    Risk Manager, Procurement Shared Services Full-Time, As a Procurement Risk Manager, we need your experience and leadership to partner closely with teams in the MassMutual’s Procurement Organization and cross-functional stakeholders to manage third party risk in the first line of defense. The core function of Procurement Risk is being built out and will...

  • Cyber Security Engineer

    19 hours ago

    Boston, MA, United States Follett School Solutions Full time

    Position Overview: Under the guidance of Director of Information Security, the Cyber Security Engineer will be responsible for administering and implementing enterprise information security architecture and technology solutions to address the emerging security and compliance needs of the business. Serves as a subject matter expert for cyber secure system...

  • Cyber Policy and Strategy Manager

    1 week ago

    Quincy, United States State Street Full time

    Who we are looking for: The State Street Global Cybersecurity team is looking for a Cyber Policy and Strategy Manager. The Cybersecurity team is responsible for ensuring that all platforms, architecture, and tooling used across the State Street enterprise are secure and compliant by design. As a Cyber Policy and Strategy Manager, you will help to spearhead...

  • Senior Staff Cyber Security Engineer

    3 days ago

    , CA, United States GE Aviation Full time

    Job Description SummaryWe are seeking an experienced Senior Staff Cyber Security Engineer to lead our efforts in securing AWS and Azure GovCloud environments. The ideal candidate will possess deep expertise in cloud security, particularly within government frameworks, and will be adept at utilizing Cloud Security Posture Management (CSPM) tools such as Wiz....

  • Procurement Risk Manager

    1 week ago

    Worcester, MA, United States MassMutual Full time

    Risk Manager, Procurement Shared Services Full-Time, Boston, MA or Springfield, MA The Opportunity As a Procurement Risk Manager, we need your experience and leadership to partner closely with teams in the MassMutual’s Procurement Organization and cross-functional stakeholders to manage third party risk in the first line of defense. The core function...

  • Cyber Security Engineer

    18 hours ago

    Boston, MA, United States Saxon Global Full time

    Title: Cyber Security Engineer Interview Process: 1-2 rounds The Cyber Security Engineer will be responsible for day-to-day management of a network security architecture that supports the needs and goals of the SEC. He/she will help plan, implement and support security solutions at multiple locations around the state. After hours availability is required...

  • Senior Manager, Security Operations

    3 days ago

    Wilmington, MA, United States Symbotic Full time

    Who we are With its A.I.-powered robotic technology platform, Symbotic is changing the way consumer goods move through the supply chain. Intelligent software orchestrates advanced robots in a high-density, end-to-end system - reinventing warehouse automation for increased efficiency, speed and flexibility. What we need Symbotic is seeking a Senior...

  • Security Analyst

    3 days ago

    Quincy, United States Arthur Lawrence Full time

    Arthur Lawrence is looking to hire a Security Analyst based in Quincy, FL. Please find the job description below and send us your updated resume, if interested: Core Requirements: Overall 8+ years of IT experience with more than six years of information security Expertise with system analysis, networking, web application vulnerability assessments, etc....

  • Security Analyst

    5 days ago

    Quincy, United States Arthur Lawrence Full time

    Arthur Lawrence is looking to hire a Security Analyst based in Quincy, FL. Please find the job description below and send us your updated resume, if interested: Core Requirements: Overall 8+ years of IT experience with more than six years of information security Expertise with system analysis, networking, web application vulnerability assessments, etc....

  • Procurement Risk Manager

    2 weeks ago

    Hartford, CT, United States MassMutual Full time

    Risk Manager, Procurement Shared ServicesFull-Time,Boston, MA or Springfield, MAThe OpportunityAs a Procurement Risk Manager, we need your experience and leadership to partner closely with teams in the MassMutual’s Procurement Organization and cross-functional stakeholders to manage third party risk in the first line of defense.  The core function of...

  • Cyber Security Policy Engineer

    18 hours ago

    Boston, MA, United States Saxon Global Full time

    Title: Cyber Security Engineer Interview Process: 1-2 rounds The Cyber Security Engineer will be responsible for day-to-day management of a network security architecture that supports the needs and goals of the SEC. He/she will help plan, implement and support security solutions at multiple locations around the state. After hours availability is required...