Job Description

Who we are looking for

Our second line technology risk function is vital to State Street to ensure Information Technology risks and controls are well managed, helping our business to deliver applications and services to our clients. We are supporting the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence alongside best in class Information Technology Service Management. We are looking for experienced Risk Management and Controls Assurance resources to help maintain and mature our Technology Risk Management Programs.

What you will be responsible for

Primary Areas of Focus:

Technology Risk Acceptance Governance, Material Risk Identification (MRI), Risk Control Self-Assessment (RCSA) and support of other 2LOD oversight activities

In this role within Enterprise Technology Risk Management (ETRM), you will assist in:

• Technology Risk Acceptance Governance – Monitor and engage first line’s Technology Risk Acceptance submissions and facilitate in the review of these through demonstrable challenge in conjunction with the 2LOD SMEs

• Material Risk Inventory – Facilitate in the coordination of bi-annual MRI capture process for Global Technology Services (GTS); Compile MRI workshop results, execute quality assurance over consolidated results from MRI workshop, and integrate the results into the 2LOD oversight processes.

• Risk and Control Self-Assessment (RCSA) – On an annual basis, engage with first line’s scorecards with risk ratings and rationale as the ETRM coordinator; aggregate and reflect second line SMEs assessments of risk ratings, controls and review associated exposure rationale provided by first line; and generate the second line review/challenge on the technology RCSAs

This role will also:

• Support ETRM with regulatory and audit requests, and assist in the execution of the departmental annual risk coverage plan in conjunction with the respective ETRM leaders

• Communicate the departmental views and reports on various risk matters to the appropriate committees and stakeholders

• Learn new and complex environments, processes, and technologies

• Stay abreast of industry developments including but not limited to changes in regulations

• Coordinate or lead various ad-hoc requests, projects

• Develop overall technology / product / business unit knowledge of State Street Corporation

What we value

These skills will help you succeed in this role

• Candidate has experience managing small to medium initiatives

• Candidate has experience with supporting various Security Architectures, Defense in Depth Strategy, Cloud environments (AWS, Azure, GCP, OCI), Cybersecurity tools

• Candidate has strong understanding of control frameworks

• Candidate is able to effectively balance multiple tasks

• Candidate is able to work both collaboratively and independently

• Aptitude for researching and identifying emerging technology risks including learning new and complex environments, processes, and technologies

• Excellent written and spoken communication & collaboration skills

• Self-learning and training to ensure skills and knowledge are in line with responsibilities

• Knowledge of IT frameworks such as NIST, ISO, COBIT, ITIL a plus

• Familiarity in Information Security Frameworks including the ISO 27000 family, NIST, Cloud CCM

• A strong understanding of Technology and Cyber Risk Management to influence leaders on the need to embrace risk reduction initiatives and controls

• Proficient in Microsoft Office suite including data analytics in Excel and/or Access

• Experience with IT GRC platforms (Archer), Splunk, EDR, SIEM, Network Management tools

Education & Preferred Qualifications

• Bachelor’s degree in Computer Science/Information Systems, Risk Management or a related field, or equivalent experience

• Candidate has a minimum of 5+ years of experience with IT risk, audit or technology operations

• Professional designation a plus (e.g. CISA, CISM, CISSP, CRISC)

Salary Range:

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers

Read our CEO Statement

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.