Information Security Officer - Global Technology Services, Vice President

About The Position

Requirements

• Significant experience in infrastructure cybersecurity or technology risk leadership within large, complex enterprises, preferably in regulated financial services environments.
• Strong understanding of enterprise infrastructure architectures and associated security risks across on‑prem, cloud, and hybrid models.
• Proven ability to lead risk‑based decision‑making, including control design, remediation prioritization, and risk acceptance discussions at senior levels.
• Demonstrated success influencing senior infrastructure and technology stakeholders without direct line authority.
• Strong communication skills, with experience translating technical infrastructure risk into business and regulatory impact.
• Senior‑level experience with public cloud security (AWS, Azure, and Oracle) and cloud governance models.
• Familiarity with infrastructure automation and DevOps/IaC from a security and control perspective.
• Experience operating within regulatory or industry frameworks (e.g., NIST, ISO, DORA, FFIEC).
• Background supporting large‑scale infrastructure transformation initiatives (e.g., data center exit, cloud migration, resilience uplift programs).
• Fluency in English required.

Nice To Haves

• Mandarin proficiency highly desireable.
• Executive presence with strong risk ownership mindset
• Pragmatic, outcome‑focused approach to security and resilience
• Trusted advisor capable of constructively challenging design and delivery decisions
• Comfortable operating in highly regulated, high‑visibility environments

Responsibilities

• Provide senior‑level cyber risk oversight for enterprise infrastructure platforms, including compute, storage, network, virtualization, identity, and cloud services.
• Act as the primary cybersecurity risk partner to infrastructure and platform executives, advising on design decisions, material change initiatives, and risk acceptance.
• Drive consistent application of security‑by‑design and resilience principles across infrastructure strategy, architecture, and lifecycle processes.
• Lead infrastructure cyber risk assessments, control gap analysis, and risk prioritization aligned to enterprise risk appetite and regulatory expectations.
• Oversee execution and tracking of material risk remediation efforts across infrastructure domains, ensuring transparency and escalation where required.
• Provide leadership during infrastructure‑related cyber incidents, including decision support, impact assessment, and post‑incident improvements.
• Partner with global cybersecurity functions to influence standards, patterns, and tooling related to infrastructure security (e.g., vulnerability management, IAM, logging, cloud security).
• Present infrastructure cyber risk, trends, and material issues to senior management and governance forums in clear business‑relevant terms.

Benefits

• retirement savings plan (401K) with company match
• insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
• paid-time off including vacation, sick leave, short term disability, and family care responsibilities
• access to our Employee Assistance Program
• incentive compensation including eligibility for annual performance-based awards
• eligibility for certain tax advantaged savings plans
• inclusive development opportunities
• flexible work-life support
• paid volunteer days
• vibrant employee networks