Who we are looking for

Global Cybersecurity (GCS) protects State Street and its clients from the impact of cyber-attacks against systems by understanding the risks these attacks present and mitigating them through a robust, continuously evolving, cybersecurity program and control environment.

Fusion & Security Operations (F&SO) is one of five functions that make up GCS. F&SO works to provide real-time knowledge of cyber threats of today collectively to better prepare State Street for threats of tomorrow.

Lead the enterprise capability for workforce cyber risk and user-based controls within Fusion Security & Operations. This role owns the strategy, governance, and operational execution of personnel risk management, including frameworks traditionally associated with insider threat. This role ensures robust user-centric controls (e.g., DLP, UEBA, identity/access governance, exception and consequence management) and integrates risk management practices across HR, Legal, Compliance, and Cyber Defense functions—while leveraging advanced analytics and visualization to drive insight and action.

What you will be responsible for

• Define and operate the Workforce Cyber Risk Operations & Controls Program, aligning to NIST 800‑53 r5 and enterprise cyber governance standards.
• Serve as control owner for user-based security controls; maintain accountability for metrics, attestations, and regulatory readiness.
• Oversee design, implementation, and continuous improvement of controls such as DLP, UEBA, identity/access governance, and behavioral analytics.
• Manage exception handling and consequence management processes to enforce policy and mitigate risk.
• Develop and maintain frameworks for identifying, assessing, and mitigating workforce-related cyber risks across employees, contractors, and third parties.
• Drive proactive risk posture through analytics, education, and targeted interventions for high-risk roles or behaviors.
• Collaborate with Cyber Defense Center, Cyber Threat Intelligence, Detection Engineering, and Fusion Assurance teams to ensure workforce risk signals feed detection and response workflows.
• Align workforce risk controls with broader FSO operational model and resilience objectives.

What we value

These skills will help you succeed in this role

• Build and maintain data-driven dashboards to visualize workforce risk trends, control effectiveness, and behavioral indicators.
• Apply advanced analytics to detect anomalies, predict risk scenarios, and inform executive decision-making.
• Define KPIs/KRIs for workforce risk and control effectiveness; deliver dashboards to senior leadership and governance bodies.
• Support internal audits, CRC reviews, and external regulatory exams with evidence of control maturity and program effectiveness.

Education & Preferred Qualifications

• 15+ years in cybersecurity, risk management, or security operations, with leadership experience in complex global environments.
• Deep expertise in user-centric security controls, behavioral analytics, and personnel risk frameworks.
• Strong proficiency in analytics platforms and data visualization tools (e.g., Power BI, Tableau) for dashboard creation and insight delivery.
• Understanding of regulatory requirements and control frameworks (e.g., NIST 800‑53, ISO 27001).
• Proven ability to lead cross-functional programs and influence senior stakeholders across HR, Legal, Compliance, and Technology.
• Preferred certifications include but are not limited to: CISM, CISSP, CRISC, C-RMP and CITPM.
• Bachelors Degree in Cyber Security or related techincal discipline

Salary Range:

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers

Read our CEO Statement

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.