Head of Cyber Audit, Managing Director, Hybrid
Who we are looking for
We are looking for a highly skilled and experienced Head of Cyber Audit, Managing Director to complement our infrastructure and horizontal IT audit function. To succeed in this role, you need to have a deep understanding of cyber risks processes, controls, industry standards, and should have a strong knowledge of NIST, MITRE, and Defense in Depth concepts. You will be responsible for working closely with peers for infrastructure, security, and application audit while overseeing and developing a diverse global team. Collaboration with the banks' cyber leadership is essential. In this role you will join a growing team that is focused on building leading practices, and you will report directly to Global Head of Technology Audit. You can be based out of our offices in Boston, Massachusetts.
This role can be performed in a hybrid model.
Why this role is important to us
The team you will be joining plays an important role in the overall success of the organization. Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. To make that happen we need teams like yours to help navigate employees and the organization as a whole. In your role you will strive for cutting-edge solutions, that are straightforward and scalable. You will help us build resilience and execute day to day deliverables at our best. Join us if making your mark in the financial services industry from day one is a challenge you are up for.
What you will be responsible for
As Head of Cyber Audit, Managing Director you will
- Oversee and lead cyber audits.
- Build out continuous auditing processes including the use of data analytics.
- Collaborate closely with global peers for infrastructure, security, and application and business audit.
- Advise the Global Head of Technology Audit and General Auditor on cyber risk, changes in the regulatory environment pertaining cyber, and innovative assurance approaches.
- Develop and maintain relationships with key stakeholders across the organization, including the banks' cyber leadership team.
- Manage and develop a diverse global team of auditors to provide expert advice on cyber risks and threats.
- Ensure that the cyber audit function is integrated with the overall audit program.
- Communicate audit findings and recommendations effectively to the banks' cyber leadership team.
- Monitor and track progress on audit findings and recommendations.
- Provide thought leadership on emerging cyber risks and threats.
- Have a deep understanding of cyber risk management, including qualitative and quantitative assessments.
- Serve as a subject matter expert in cyber risk frameworks, including CMMI, and apply them effectively in audits work.
- Develop working relationship with key regulators and communicate audit strategy and results effectively.
- Participate as a non-voting member of various steering committees, management working groups, promoting balanced discussions, and encouraging challenge and debate.
What we value
These skills will help you succeed in this role
- Role model behavior in cross-cultural awareness and ability to connect with colleagues globally in establishing and maintaining a collaborative and inclusive work environment.
- Strong leadership, with confidence to gain trust and credibility, and an ability to develop a high performing team by promoting collaboration and innovation at all levels.
- Proven impact through the life cycle from strategic thinking through implementation and measuring success.
- Expertise in developing and maintaining relationships with multiple stakeholders, including executives, senior management and team members to drive progress.
- Strong communication, interpersonal, and leadership ability across all levels coupled with effective problem solving, conceptual thinking, quantitative and analytical skills.
- Strong written and verbal communication, presentation, and technical writing skills.
- Advanced project management skills.
- Fluency in English - written and spoken.
Education & Preferred Qualifications
- Bachelor's degree in Information Technology, Computer Science or a related field; Master's degree preferred.
- Minimum of 15 years of experience in information security or cyber risk management, with at least 10 years of experience in audit or assurance lead roles.
- Successful experience working in the banking or financial services industry or other regulated industries, with a strong understanding of the global regulatory environment.
- Expertise in cyber risk management, including the latest trends, tools and techniques.
- Expertise in evaluating cyber security, cyber resiliency and cyber maturity and the ability to develop and implement effective audit coverage strategies.
- Regulatory expertise, with a strong understanding of compliance requirements for the banking industry and direct exposure to global regulators in leading, active roles.
- Strong knowledge of Cyber and Cloud technologies and tools and the ability to assess associated risks, including data driven monitoring or penetration test approaches.
- Relevant certifications, such as CISSP, CISA, or CISM are highly preferred.
- Willingness to travel domestically and internationally as required.
Are you the right candidate? Yes!
We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring with them. Although each vacancy details what we are looking for, we don’t necessarily need you to fulfil all of them when applying. If you like change and innovation, seek to see the bigger picture, make data driven decisions and are a good team player, you could be a great fit.
About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we’re making our mark on the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance and savings plans, among other perks. You’ll have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employees’ diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Discover more at StateStreet.com/careers
Salary Range:$170,000 - $267,500 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.