Director, Cybersecurity Regulatory Engagement (1LOD)

BNY Mellon•New York, NY

3d•$116,000 - $246,000

About The Position

At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary. We’re seeking a future team member for the role of Director, Cybersecurity Governance, Risk and Controls Regulatory Engagement Lead to join our Cybersecurity team. This role can is in NYC, NY. Role Summary: The Director, Cybersecurity Regulatory Engagement (1LOD) is an individual contributor role within Cybersecurity Governance, Risk & Controls (CGRC). Consistent with the First Line of Defense (1LOD) mandate, this role manages and executes cybersecurity regulatory engagement activities contributing to effective risk and control outcomes. The role supports and contributes to cybersecurity regulatory engagements, including exams, inquiries, remediation activities, new regulatory guidance and regulatory requests, by coordinating inputs, supporting control alignment, and driving disciplined execution. This position reports the Director of Cyber regulatory engagement and plays a critical role in translating regulatory expectations into clear, repeatable, and well-controlled 1LOD execution. This position requires deep regulatory judgment, and the ability to work directly with cybersecurity leadership, Engineering Controls, and risk partners in a highly regulated environment.

Requirements

12+ years of experience in cybersecurity, technology risk, governance, audit, controls or related technology disciplines.
Extensive experience in regulatory engagements, risk management, audit, or compliance within a large, complex, and highly regulated organization.
Proven track record leading regulatory exams, supervisory interactions, or other types of regulatory engagements.
Experience operating in a First Line of Defense (1LOD) role.
Demonstrated ability to operate effectively at senior leadership and executive levels.
Strong understanding of cybersecurity risk management, control frameworks, and regulatory expectations applicable to financial institutions.
Ability to synthesize complex technical and risk topics into clear, defensible regulatory narratives.
Exceptional written and verbal communication skills, with experience engaging regulators and senior executives.
Strong judgment, executive presence, and the ability to influence outcomes without direct authority.
Ability to manage multiple high‑stakes regulatory engagements concurrently under pressure.

Responsibilities

Execute end‑to‑end cybersecurity regulatory engagements, including regulatory exams, supervisory meetings, remediation activities, and requests for information (RFIs).
Coordinate globally with cybersecurity process owners, control owners, and subject matter experts, to deliver accurate, consistent, and regulator‑ready responses – additionally, partner closely with Engineering Controls, Technology Risk (2LOD), Internal Audit (3LOD), and other cross‑functional stakeholders to ensure coordinated and well‑governed regulatory execution.
Reinforce a risk-aware culture through disciplined 1LOD execution.
Drive the development of high‑quality regulatory submissions by coordinating input across control owners, subject matter experts, and technical teams.
Reinforce direction and expectations for clear, accurate, and consistent cybersecurity regulatory responses.
Review, challenge, and approve key regulatory responses to ensure alignment with the firm’s cybersecurity posture and risk appetite.
Contribute to a centralized regulatory response repository, leveraging AI‑enabled capabilities to improve response quality, consistency, and reuse.
Prepare executive‑level briefings, materials, and talking points for senior management. Including preparing materials for senior management committees and boards.
Partner with Engineering Controls, Risk, Compliance, Legal, and Internal Audit leadership throughout regulatory engagements
Provide status updates and analysis to cybersecurity leadership.
Provide leadership, coaching, and oversight to supporting team members.
Maintain accurate regulatory engagement tracking, documentation, and artifacts in accordance with CGRC governance standards.
Contribute to continuous improvement of regulatory engagement playbooks, job aids, and execution routines.
Support reporting and metrics to provide transparency into regulatory risk, themes, and engagement status.
Support the design, implementation, and assessment of controls addressing regulatory expectations.
Contribute to 1LOD risk and control taxonomies.
Identify control gaps, thematic issues, and systemic risks surfaced through regulatory engagements and partner with control owners to drive remediation.

Benefits

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy.
We provide access to flexible global resources and tools for your life’s journey.
Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume