Security Executive Council

Head of Cyber Security Risk Oversight, Managing Director

Security Executive Council, Boston, Massachusetts, US, 02298


Organization: State Street
Location: Boston, MA

Overview

It is an exciting time to join State Street Corporation (SSC) in the Enterprise Technology Risk Management (ETRM) organization. ETRM is responsible for thought leadership, oversight, monitoring, and advisement around the discovery and remediation of Cyber and Technology Risks across the enterprise.

What You Will Be Responsible For

- Act as the ETRM advisor to the first line of defense (FLOD) on matters relating to the cyber risk posture of State Street, benchmarked against applicable laws, regulations, rules, standards and best practices.
- Ensure cyber risks and non‑compliance with internal and external standards are proactively identified, prudently managed, and effectively challenged.
- Identify, assess, control, and monitor risks; support FLOD in planning/executing controls and compensating controls.
- Participate in risk governance forums and provide real-time oversight and challenge.
- Monitor cyber risk appetite, report breaches, escalate exceptions, and challenge risk acceptances.
- Provide an independent opinion on FLOD cyber risk management and recommend improvements.
- Review and challenge the first‑line cyber controls assurance program and related processes.
- Engage with Enterprise Process Owners for cyber processes to strengthen FLOD/SLOD relationships and embedded risk management.
- Communicate and drive effective implementation of ETRM risk management policies, framework, tools, guidelines, and standards across the business to ensure cyber risks are identified and managed effectively.
- Provide strategic leadership and ongoing support to FLOD regarding cyber risk best practices and trends.
- Advise FLOD in prioritization of risks, risk initiatives, and mitigation options.
- Review and challenge cyber risk response decisions and initiatives undertaken by the FLOD to provide an independent voice in the risk management process.
- Provide support for regulatory exams and responses to ETRM and stakeholders; collaborate with regional peers (APAC, EMEA) on cyber and information security risks.
- Deliver assigned ETRM annual book of work (risk assessments, continuous monitoring, issues management, reporting) with the team and the ETRM India Service Center of Excellence.
- Utilize enterprise risk and operational risk management tools (NBPRA, MRI, RCSA, KRIs, incident and loss data) to proactively monitor the control environment and address gaps.
- Stay abreast of new products, services, technologies and their impact on the organization’s risk profile.
- Serve as a subject matter expert in cyber risk, controls, compliance, and best practices.

What We Value

- Collaborative approach
- Ability to influence, secure buy-in, and drive implementation of decisions
- Strategic mindset linking initiatives to a holistic risk and control environment
- Excellent communication skills
- Experience leading and developing a team; mentoring and coaching
- Ability to lead while maintaining positive relationships with stakeholders
- Leadership within the team and among peers

Qualifications

Education & Preferred Qualifications

- Minimum 15 years of experience in the financial and/or technology industries
- Experience interacting with C‑level executives; superior communication, interpersonal, negotiation, presentation and stakeholder skills
- Ability to translate technical issues into business risk terms
- Experience with regulatory exams and responses is strongly desired
- Advanced degree or undergraduate degree in technology/cyber discipline or equivalent
- Thought leadership around cyber risks
- Experience in first line, risk management, compliance or audit; design and implementation of control frameworks, penetration testing, incident detection and response, encryption and data protection, EDR, SIEM, SOC
- CISSP or equivalent is preferred but not mandatory
- Working knowledge of FFIEC, DORA, NIST CSF, 800-53, COBIT, CCM, MITRE ATT&CK

Compensation

Salary Range: $170,000 - $282,500 Annual. The range applies to the role in the primary location (Boston, MA). If the candidate works outside the primary location, the range could differ.

How To Apply

Apply Online URL: https://statestreet.wd1.myworkdayjobs.com/Global/job/Quincy-Massachusetts/Head-of-Cyber-Security-Risk-Oversight--Managing-Director_R-776605-1?source=APPLICANT_SOURCE-LINKEDIN
Posted: 14-Aug-2025