MD, Senior Business Information Security Officer

About The Position

Requirements

• Demonstrate strong executive presence, judgment, and accountability consistent with professional responsibilities.
• Lead and develop a small team of cyber risk professionals, setting clear objectives and delivering measurable outcomes.
• Demonstrate strong influencing and risk-based prioritization skills.
• 15+ years of progressive cybersecurity experience, including 5+ years in Financial Services.
• Bachelor's Degree in Cybersecurity or related technical discipline
• Significant experience as an operationally focused cybersecurity practitioner.
• Strong strategic thinking, business acumen, and decision‑making capability.

Nice To Haves

• Previous experience within roles such as Site Reliability Engineering, Data Architecture, Cryptography Engineer, and Security Researcher would be an advantage.
• Relevant technical certifications preferred (e.g., Cloud Security, AI, Blockchain, DevSecOps, CISSP, CISM)

Responsibilities

• Business‑Aligned Risk Responsibilities Represent a complete technical security risk posture for assigned businesses. Ensure risks are identified, prioritized, and addressed in alignment with business objectives and risk appetite. Advise senior leaders on cybersecurity policies, standards, control expectations, and approved architectures.
• Technical Risk Leadership Provide cyber advisory services to the technology and business partners across application, platform, and infrastructure designs. Partner with architecture, security, and engineering leaders to validate control effectiveness and risk decisions. Ensure primary and compensating controls are appropriately designed, reviewed, and sustained.
• Domain & Emerging Technology Expertise Maintain strong practical expertise across cloud‑native and distributed systems, including AI, blockchain, and CI/CD environments. Assess emerging technology risks and guide the adoption of proportionate, scalable security controls.
• Executive, Regulatory & Audit Engagement Engage credibly with executive leadership, Legal Entity Boards, regulators, and second and third lines of defense. Present concise, evidence-based risk narratives, including material issues, trade-offs, and mitigation strategies. Support regulatory examinations, audits, and management reviews with clear ownership and accountability.
• Operating Model & Scale Operate effectively and efficiently within the security engagement and risk governance model. Identify and drive targeted improvements to reduce friction, clarify decision rights, and eliminate low‑value activities. Evolve the cyber operating model to support scalable, product-centric, high-velocity delivery, including responsible use of AI within an established cloud first model.

Benefits

• Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.