Officer - - Boston MA Technology and Information Security Risk Manager - Network Infrastructure Enterprise Technology Risk Management (ETRM) It is an exciting time to join State Street Corporation (SSC) in the Enterprise Risk Management (ERM) organization as member of the Enterprise Technology Risk Management (ETRM) team. State Street is the industry leader in investment management, research & trading and servicing. ETRM is responsible for oversight, monitoring, and advisement around the management of technology risks across the State Street enterprise. State Street is prioritizing the development of highly automated solutions that provide IT professionals, business unit management, and senior leadership with accelerated risk mitigation capabilities and real-time measurement of the enterprise's risk posture - without the inefficiency, inaccuracy, and operational expenses associated with manual, labor-intensive processes. In this role, you will be acting as a trusted and influential liaison as part of our team to State Street's Global Cybersecurity (GCS) business for all technology risks. GCS is a business unit within Global Technology Services (GTS) at State Street and is responsible for all of State Street's technology information security. The position is based in Boston area. General Roles and Responsibilities To partner and serve as an Enterprise Technology Risk Management liaison to the Global Cybersecurity (GCS) Business Unit and First Line of Defense (FLOD) control function on matters relating to the IT risk posture of State Street, with a focus on Network Security as benchmarked against applicable laws and regulations, rules, standards and codes of conduct, and best practices.
Evaluating Information and IT Network Security risks arising from control inefficiencies or lack thereof.
Provide valuable input by supporting the implementation of effective technology risk management by developing and establishing continuous risk Identification, measurement, management and reporting.
Establish and continuously assess a Technology Risk Profile for Information and IT Security through regular status reporting of risk treatment especially on progress and success of risk mitigating initiatives.
Increased transparency and visibility to critical IT risks and advice in prioritization of risk reducing initiatives.
Strong background in Network Security with IT Risk, Design/Architecture and/or operations experience with Network Infrastructure (Routers/Switches, Firewalls, Proxies, Load Balancers, etc.)
Foundational understanding risk management tools (Material Risk Identification, Risk and Control Self Assessments, Key Risk Indicator Methodology and, Loss Event data)
Good understanding of state of the art IT & Cyber Security and Identity Management products, services and technologies, as well as their respective impact on the organization's risk profile as scale.
Ability to translate technical issues into risk terms that business can understand is absolutely necessary
Good understanding and knowledge of general IT infrastructure, systems, processes and emerging technologies such as cloud, converged infrastructure etc.
Minimum 5+ years of experience in the financial, consulting or technology industries
Undergraduate or higher degree in technology preferred.
Experienced technical leader with over 3+ years of working experience in IT infrastructure and risk with specialty in Network Infrastructure
Salary Range: $70,000 - $115,000 Annual The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.