IT Security ( State Street Bank and Trust Company; Burlington , MA): The IT Security position will be responsible for contributing to and implementing processes that support the Company's information security and risk management functions. This highly visible role will focus on operating, improving, and expanding the Technology Risk and Information Security Program, support and participation in information security audits and assurance events. The candidate will be a member of the CRD Risk Management team reporting to the Technology Risk Manager. Specific duties of the position include: Performing Technology risk management activities - risk identification, risk assessment, risk measurement, risk response including mitigation/acceptance and risk monitoring & reporting using knowledge of Technology systems (including tools and technologies - Databases, Operating Systems, Automation and Security tools, System Architecture etc.); Conducting information security control reviews based on ISO 27001/ISO 27002, NIST 800-53, COBIT, ITIL, CSF, global privacy and security frameworks; Developing and enhancing AICPA SOC1/2 controls and supporting documentation and policies; Performing technology control assurance events of business activities and processes and developing recommendations to improve security posture; Conducting and analyzing technology audits of Charles River departments and functions in support of Risk Management and State Street objectives; Responding to client information security questionnaires; Evaluating and reviewing information security policies and procedures to ensure compliance; Develop technology metrics and reporting on an ongoing basis; Reviewing security audit logs, and investigating and reporting on anomalies as part of technology assurance activities; Reviewing security events and incidents as part of the Information Security program; Assisting with security investigations and incident response tracking; Identifying control issues and emerging risks and working with management to ensure remediation; Demonstrating a commitment to information security by obtaining additional training and staying current with information security technologies and practices; and Building strong relationships with the business and IT organizations. Telecommuting is permitted pursuant to Company policy.
Minimum requirements are: Bachelor's degree in Computer Science, or a related field, or its equivalent; and 5 years of experience in an information security role in the financial services industry.
Must have: Total experience must include 2 years of IT, compliance, audit, or third-party risk experience; Proven ability to analyze business requirements and develop solutions to the business needs; Proven superior communication, interpersonal, presentation, and intergroup skills; Proven excellent understanding and knowledge of technology, development life cycle, change control processes, data resiliency, recovery exercises, technology architecture, and risk management; Proven ability to influence technology leaders about the need to embrace technology risk reduction initiatives and controls; Demonstrated experience with the following tools: Microsoft Tools, Archer platform, ServiceNow, Lansweeper, Open Pages, Tableau, and SharePoint; Demonstrated experience in successfully acting as a trusted and influential information security advisor to business management in a large organization.
A pply online at careers.statestreet.com . State Street Job ID: R-707327 . An EOE.
COVID-19 Protocols: Complying with State Street's COVID-19 protocols is a condition of employment. Those requirements may vary depending on circumstances and legal requirements, and may include, without limitation, a requirement to be vaccinated (or have an accommodation), to disclose vaccination status, to provide evidence of vaccination status, etc.