The CIS Transformation Lead is a position within CIS organization, with matrix reporting to the Third Party Risk Management (TPRM) Transformation Program, focusing on ensuring compliance with CIS security controls. Applicants must have previous experience in successfully acting as a trusted and influential information security advisor to senior-level business management in a large organization. The CIS Transformation Lead will be responsible for requirement definition, project management, reporting, and monitoring compliance throughout the transformationby engaging in the following:
* Align State Street's Third Party Risk Management Program with current regulatory requirements and risk based reviews including new engagements and ongoing monitoring of existing providers. The goal of the program is to identify and work with the business to mitigate the risk to State Street and its information assets by completing the assessment prior to State Street executing a contract with the supplier for its products or services. * Lead the design and development of enhanced third party risk program moving from manual, US-centric model to automated Global model incorporating GRC tool development and design. * Migrate processes and controls related to the Corporate Information Security Third-Party Vendor Risk Management Program: Due Diligence requests across the enterprise designed to provide remote and in-person reviews of the security program to key service providers. •Successfully position themselves as a trusted advisor sought out by business line management for advice and guidance on security and third-party risk issues * Develop and maintain a strong understanding of the business processes and technologies used in the business line, and the information security controls that must be applied to these processes and technologies•Develop and maintain an inventory of information security compliance assessment issues and remediations of identified business control failures•Actively help business unit management evaluate and mitigate risks associated with third party vendors, as part of State Street's broader third party risk program•Partner with CIS to develop and deliver actionable security reporting * Ensure management attention to CIS Vendor Risk assessment deliverables * Demonstrate a commitment to information security by obtaining additional training and staying current with information security technologies and practices. * The ability to influence senior business leaders about the need to embrace new security initiatives and controls is key to success in this role. * The Transformation Lead will also participate in State Street's overall Third-Party Risk Management Program Oversight and as an information security subject matter expert and will, on occasion, present program status to senior business leaders.
The Transformation Lead must possess the following skills/experience:
* 5 to 7 years of information security program management/leadership experience * Business concepts including financial, business requirements, compliance and risk management * Financial services experience a plus * CISA, CISM, CISSP or similar certification preferred or an agreed upon plan to achieve this certification * Ability to courageously influence colleagues at levels * Strong written and oral communication skills * Strong presentation skills
About State Street
State Street is a financial holding company providing a range of products and services for large pools of investment assets.