Information Security/Risk And Compliance Lead
Quincy, Massachusetts
The Information Security / Risk and Compliance Lead will provide oversight, leadership and guidance to the Policy and Governance teams. They will be responsible for the management of State Street's global information security policies, standards, and guidelines, as well as preparing and delivering security awareness, training and guidance through various learning and communications channels. This manager will also be responsible for creating presentations that summarize and highlight the benefits of new and updated IS policy documents and awareness communications intended for State Street leaders, stakeholders and general staff. This manager will look for opportunities to improve efficiencies and the overall quality of this group's service offering. This manager will also be required to act as a change agent within the department and throughout the corporate information security team by continually implementing industry standards and best practice, and by driving process improvement and automation through setting the direction and priority for this team.
- Manage the enterprise Information Security policy, controls and framework
- Develop and maintain Information Security policies and standards inventory and templates; establish and implement governance and maintenance strategy
- Maintain and promote consistent Information Security appetite statements, risk dashboards and taxonomies across the company; provide framework for business level Risk appetite statements
- Coordinate and lead efforts to align risk rating methodologies
- Coordinate with other functions and programs within the Three Lines of Defense to develop an integrated assessment of risks across the company for senior management
- Develop and help manage metrics and reporting across Information Security functions
- Advance strategy to optimize and align programs and methodologies within Information Security
- Identify industry forums and related media that provide a strategic, holistic view to current and emerging trends, regulation, and best practices; ensure that these are adequately addressed by
- Help promote a strong risk culture of integrity, transparency, accountability, collaboration and continuous improvement
Background and Experience
- Accomplished professional with 6+ years of experience in risk, control, audit or compliance in a financial services company
- Strong leadership in the development and implementation of comprehensive Information Security frameworks and governance
- Demonstrable ability as a change agent, building and implementing new functions, processes, controls and disciplines through successful partnership across multiple functions and locations
- Knowledge of NIST CSF, ITGCs, PCI-DSS, GDPR and other relevant industry frameworks, security requirements and standards
- Understanding of insurance and asset management businesses, services, policies, procedures, regulations, systems, and technologies
- Ability to drive results
- Strong program/project management skills
- Excellent communications, leadership, and presentation skills; ability to influence others
- Ability to think strategically, critically, and logically
- Ability to develop effective relationships across the firm, at all levels
- Proactive self-starter with a strong work ethic
- Bachelor's degree required; MBA or Master's preferred
Posted Today | Full time | R-629759
Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.
Our promise to maintain an environment where every employee feels valued and able to meet their full potential infuses our company values. It's also part of our commitment to inclusion, development and engagement, and corporate social responsibility. You'll have tools to help balance your professional and personal life, paid volunteer days, and access to employee networks that help you stay connected to what matters to you. Join us.
As an Affirmative Action/Equal Opportunity Employer, we consider applications for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law. For more information, for U.S. jobs only, please read our .