Managing Director of Cybersecurity Administration and Operations will provide oversight, leadership and guidance to the Security administration and operations team reporting directly to the Global CISO. They will be responsible for the global management of security administration operations. This manager will look for opportunities to improve efficiencies, overall quality of this group's service offering. This manager will also be required to act as a change agent within the department and throughout the corporate information security team by continually implementing industry standards and best practice and driving process improvement and automation by setting the direction and priority for this team. Responsible for developing and documenting system security requirements and ensuring compliance validation. Utilizes knowledge of the security trends in industry, champions' approaches across the business and IT delivery teams.
* Managing a global team of information security professionals using a metrics based approach, understand and improve current processes.
* Manages, administers and tunes the enterprise Security Information administration platform. Using the information generated and correlated from this tool to prioritize remediation efforts of the impacted technology teams as well as providing a leadership view of the current state of security within the enterprise as a whole.
* Serve as advisors and consultants to business units in planning and coordinating systems security analysis, design, and implementation/enhancement projects to automate processing or improve business systems. Focuses on developing and improving security processes, assisting in metrics development, both within the technology and business organizations.
* Run all aspects of the vulnerability scanning program to identify weaknesses in our layered security defense program. These weaknesses will be determined, prioritized, remediated and confirmed closed.
* Understand business needs and adjust or develop new processes to efficiently provide excellent service and value to our users.
* Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of the services this team provides.
* Manages Information Security projects linking them as a focused set of initiatives at the division or enterprise level in conjunction with the technical staff and other constituents.
* Recommends, coordinates and implements technical controls to ensure policies and processes are performing as intended.
* Assist in Business Needs Assessments and feasibility studies establishing clear program and associated IT information security program goals
* Participate in all aspects of budget planning for IT Information Security Office
* Responsible for oversight of wide variety of operational functions including but not limited to:
* Identity and access management
* Incident Response
* Metrics & Reporting
* Assist in the development of variety of programs, policies, and procedures with other members of the Corporate Information Security team including but not limited to:
* Data Loss Prevention (DLP)
* Enterprise Vulnerability Management
* Fraud Detection & Prevention
* Information Security Office(ISO)
* Workflow Automation
* Enterprise Risk Analysis (Vendors & Applications)
* Training & Awareness
* SDLC Expansion for Security Safeguards & Controls
* Supports development and implementation of sound business initiatives across the division and bank.
* Deep understanding of information security and security operations standard processes and challenges. Experience with standard enterprise class tools, processes and compliance activities.
* Capable of working with others to follow through on cross-functional tasks.
* Owns problems and solutions as a creative problem solver.
* Seeks and develops suggestions from others, drives partnering relationships.
* Acts as champion for the perspectives of different partners even in the face of resistance.
* Effective change agent and serves as a role model for others.
* Recognized as business unit expert in external communication, serves as a role model for others.
* Effective skills in influencing & negotiating.
* Able to advocate for effective solutions while acknowledging diverse viewpoints.
* Regularly takes actions that go beyond requirements to achieve objectives
* Provides leadership and direction for project execution
* Provides expertise to identify potential problems and executes adjustments to project timelines, tasks and resources allocation as required.
* Works cross functionally to facilitate and organize actions to meet division and corporate goals.
* Assumes a lead role in collaborating to influence actions and decisions to positively impact business and financial results.
* Champions process improvements fostering ownership and empowerment across the Information Security, IT and the organization.
Background and Experience
* BS in Technology or Computer Science related field or equivalent with 8+ years of experience required.
* Certified Information System Security Professional (CISSP) or other industry security certifications desirable.
* Advanced knowledge and experience managing security engineering, administration or security operations team in a large, complex enterprise.
* Experienced, effective manager that uses both a quantitative and qualitative based approach to achieve the desired deliverable.
About State Street
State Street is a financial holding company providing a range of products and services for large pools of investment assets.