Vp/third Party Cyber Security Assessment Operations
1 month ago
TPCRM VP Role
State Street is seeking an operations leader for our Third-Party Cyber Risk Management Program. The VP of Third-Party Cyber Risk Management Assessment Operations will be responsible for providing leadership in the effective and efficient operations pertaining to the bank’s global third-party cyber risk management program, engaging with partners across the organization (including Procurement, Legal, Privacy, IT, Relationship Owners and others). They will also provide State Street leadership visibility to the risk being assumed through partners, suppliers, and other third-party relationships..
**Responsibilities**:
- Lead program execution and ongoing management of State Street's Third-Party Cyber Risk Management (TPCRM) Assessment Operations program
- Responsible for program elements managing third-party risk throughout the life-cycle of the third-party relationship including initial risk assessment, due diligence, and post contract monitoring
- Lead and manage a team charged with performing cybersecurity due diligence assessments on State Street's third-parties
- Oversee the continuous improvement of these processes as business unit and risk program owner requirements evolve
- Engage with and manage relationships with State Street’s Global Cyber Security (GCS), Procurement, and TPRM Organization ensuring coordination across programs and alignment with overarching TPRM program requirements
- Maintain an intimate understanding of best-in-class TPCRM practices through benchmarking and continuous education
- Engage with Executive Sponsors and Business Partners and provide value-added insight to improve the certainty of business outcomes and reduce risk
- Drive accountability for third-party cybersecurity and management of risk related to third-parties with business unit Business Partners
- Conduct cyber security risk assessments, develop training and communication, monitor and test validate risk treatment and remediation, and sustain and optimize applicable TPCRM risk management programs
- Instill a culture of risk management, compliance and continuous improvement with partners, using data to influence decisions around procedures, new technologies, or changes in practice or policy, and execute appropriate remediation follow-up where controls are insufficient or not operating as intended
- Represent State Street with external industry groups and establish peer circles for benchmarking and industry learning and manage relationships with key sourcing constituents.
**Qualifications**:
- Bachelor's Degree with a minimum of 5 years of experience in cybersecurity and at least 3 years managing a team of information security professionals;
- Possess a current information security certification to include but not limited to one of the following: Certified Information System Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM,) CompTIA Security +, Certified in Risk and Information Systems Control(CRISC), or OffSec Certified Professional (OSCP).
- Understanding of cybersecurity risks in terms of data driven, business driven and event driven risks.
- Proven experience in managing 3rd party risks from both a strategic and operations perspective.
- Strong understanding of regulatory and legal concerns as it relates to third party cybersecurity Risk management from a global landscape perspective
- Key competencies include: knowledge of State Street's businesses, cybersecurity policy/standards/programs, enterprise thinking with ability to build credibility within the organization; time management, project management, expertise in development and implementation of procedures and in-process metrics, strong interpersonal skills, and ability to successfully adapt to changing requirements.
- A proven ability to lead and develop organization specifically through change and transformation. Ability to lead and implement change.
- Must be comfortable with ambiguity; demonstrate strong writing, problem solving and creative thinking skills, and ability to work effectively with conceptual structures, outlines and models. Must be able to work under pressure and tight deadlines.
- Ability to interact and influence at all levels of management across divisions and functions.
- Strong negotiation and decision skills. Excellent written and verbal communication skills.
Salary Range:
$120,000 - $202,500 Annual
-
Quincy, MA, United States State Street Corporation Full timeTPCRM VP Role State Street is seeking an operations leader for our Third-Party Cyber Risk Management Program. The VP of Third-Party Cyber Risk Management Assessment Operations will be responsible for providing leadership in the effective and efficient operations pertaining to the bank's global third-party cyber risk management program, engaging with partners...
-
Quincy, MA, United States State Street Corporation Full timeWho we are looking for State Street's Global Cyber Security (GCS) Third Party Cyber Risk Management (TPCRM) program seeks to mitigate a variety of third-party information security risk in accordance with the Bank's cyber risk appetite. Through a framework that addresses policy, process, operations, people, and technology, GCS protects our infrastructure,...
-
Global Head of Business Information Security
1 week ago
Quincy, United States State Street Full timeThe SVP, Information Security Officer provides cyber risk management oversight to all State Street and legal entity businesses globally, sits within the first line of defense and reports into the Global Chief Information Security Officer. The SVP, Information Security Officer will manage a team of business unit aligned ISOs to strengthen cyber control...
-
Cyber Security Operations Center
1 month ago
Quincy, MA, United States State Street Corporation Full timeState Street seeks to recruit a SOC Manager for its Cyber Defense Center. The SOC Manager will help lead the triage, analysis and response to cyber-attacks. Join us in evolving our response capabilities to protect State Street, its customers and partners from ever-evolving and sophisticated threat actors. State Streets Cyber Fusion Center is responsible for...
-
Lead Cyber Security Operations Center
4 weeks ago
Quincy, MA, United States State Street Corporation Full timeWho are we looking for: State Street seeks to recruit an Lead Cyber Security Operations Center (SOC) analyst that will assist in the detection, triage, analysis and response to cyber-attacks. The analyst will join our SOC team which will run a 24/7 coverage, 365 days a year model, with a partner team in Ireland. The SOC team is responsible for analyzing...
-
Early Career Cyber Security Operations Center
1 month ago
Quincy, MA, United States State Street Corporation Full timeWho are we looking for: State Street seeks to recruit an Early Career Cyber Security Operations Center (SOC) analyst that will assist in the detection, triage, analysis and response to cyber-attacks. The analyst will join our SOC team which will run a 24/7 coverage, 365 days a year model, with a partner team in Ireland. The SOC team is responsible for...
-
Cyber Policy and Strategy Manager
3 weeks ago
Quincy, United States State Street Full timeWho we are looking for: The State Street Global Cybersecurity team is looking for a Cyber Policy and Strategy Manager. The Cybersecurity team is responsible for ensuring that all platforms, architecture, and tooling used across the State Street enterprise are secure and compliant by design. As a Cyber Policy and Strategy Manager, you will help to spearhead...
-
Quincy, United States State Street Full timeThe SVP, External Cybersecurity Engagement provides cybersecurity risk management and client engagement oversight to all State Street and legal entity businesses globally, sits within the first line of defense and reports into the Global Chief Information Security Officer. The SVP, External Cybersecurity Engagement will manage a team of cybersecurity experts...
-
Technology Risk, Vice President
1 week ago
Quincy, Massachusetts, United States State Street Full timeVP – Application Security Risk ManagerJob DescriptionWho we are looking forWe are looking for a highly skilled and experienced Cybersecurity Risk Manager to perform Second line Risk Oversight over State Street's Application Security Program. You will be collaborating with peers in Global Cyber Security to ensure risk are being reduced through Static Code &...
-
Security Analyst
3 weeks ago
Quincy, United States Arthur Lawrence Full timeArthur Lawrence is looking to hire a Security Analyst based in Quincy, FL. Please find the job description below and send us your updated resume, if interested: Core Requirements: Overall 8+ years of IT experience with more than six years of information security Expertise with system analysis, networking, web application vulnerability assessments, etc....
-
Security Analyst
2 weeks ago
Quincy, United States Arthur Lawrence Full timeArthur Lawrence is looking to hire a Security Analyst based in Quincy, FL. Please find the job description below and send us your updated resume, if interested: Core Requirements: Overall 8+ years of IT experience with more than six years of information security Expertise with system analysis, networking, web application vulnerability assessments, etc....
-
Security Analyst
1 week ago
Quincy, United States Arthur Lawrence Full timeArthur Lawrence is looking to hire a Security Analyst based in Quincy, FL. Please find the job description below and send us your updated resume, if interested: Core Requirements: Overall 8+ years of IT experience with more than six years of information security Expertise with system analysis, networking, web application vulnerability assessments, etc....
-
Information Security Engineer
4 weeks ago
Quincy, United States CultureFit Full timeJob Summary: Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced...
-
Information Security Engineer
1 week ago
Quincy, United States CultureFit Full timeJob Summary:Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced problem...
-
Information Security Engineer
1 week ago
Quincy, United States CultureFit Full timeJob Summary:Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced problem...
-
Information Security Engineer
1 month ago
Quincy, United States CultureFit Full timeJob Summary:Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced problem...
-
Information Security Engineer
1 month ago
Quincy, United States CultureFit Full timeJob Summary:Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced problem...
-
Information Security Engineer
1 month ago
Quincy, United States CultureFit Full timeJob Summary:Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced problem...
-
Information Security Engineer
1 week ago
Quincy, United States CultureFit Full timeJob Summary:Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced problem...
-
Information Security Engineer
1 week ago
Quincy, United States CultureFit Full timeJob Summary:Under the general supervision of the Information Security Chief, the Information Security Engineer implements and maintains information security solutions for the organization. The individual is expected to provide leadership and support for all security and related technical operations. Requires a diverse set of skills including advanced problem...
