Technology Risk & Processes - Enterprise Technology Risk Management, Vice President

About The Position

Requirements

• Over 10 years of experience in the financial services or technology sectors.
• Experience in identifying, managing, and monitoring technology risks through effective risk management processes, frameworks, and policies.
• Exceptional interpersonal and communication skills, with the ability to convey technology risks to non-technical audiences.
• Strong initiative, ability to perform well under pressure, and manage multiple diverse assignments.
• Experience in Technology and Resilience is required.
• Experience in IT audits or risk assessments, Information Technology General Controls (ITGC) and cybersecurity controls.
• Familiarity with Information Security Frameworks (e.g., NIST, ISO 27000, CSA Cloud Control Matrix) and ITIL practices.
• Strong communication, negotiation, and presentation skills, with cross-cultural competencies.
• Minimum 10 years of experience in the financial and/or technology industries.
• Strong project management, critical thinking, problem-solving, and decision-making abilities.
• Experience in IT risk management, compliance or audit, including control framework design & implementation.

Nice To Haves

• Prior experience with regulators is desired.
• Experience with regulatory exams and responses is strongly desired.
• Experience in AI adoption and AI risk management.
• Professional IT certifications, e.g., CGEIT, CISA, CISM, CISSP, CCSP, COBIT, CRISC and ITIL would be advantageous.
• Experience with data analytics and GRC tools, including Tableau and Power BI, is a plus.
• Undergraduate or advanced degree in a technology discipline.

Responsibilities

• Lead and support functions within the ETRM Service Catalogue, including real-time risk oversight, technology targeted risk assessments, Material Risk Identification, Regulatory Audit and Client Engagements, and Risk Reporting.
• Advise and/or support on technology risk and regulatory matters.
• Collaborate with ETRM Risk professionals to align with broader Enterprise / Operational Risk Management Programs and mandates at a global level.
• Develop and maintain relationships with Business and IT stakeholders.
• Partner with other second-line stakeholders within the ERM team to ensure the firm’s technology risks and non-compliance are proactively identified, prudently managed (monitored and effectively challenged).
• Develop effective communication channels for measuring and escalating technology risk exposure.
• Evaluate IT Security risks arising from control inefficiencies.
• Participate in due diligence for new clients, vendors, and M&A activities.
• Monitor emerging technology risks and trends in financial services.
• Deliver assignments and projects independently and on time.
• Prepare presentations for Management, Risk committees, and Board meetings.
• Oversee governance, policy, and framework execution across technology processes, ensuring alignment with frameworks.
• Support the development of technology risk oversight and embed ETRM and practices.
• As needed, interact with regulators in alignment with the ETRM program.
• Support reporting for committees/Boards with appropriate and timely information.
• Foster a culture of effective challenge throughout the organization.
• Provide consulting on technology risk management and ongoing guidance aligned with ETRM strategy.
• Stay informed on regulatory developments and their impact on State Street.
• Conduct training in technology risk management.

Benefits

• retirement savings plan (401K) with company match
• insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
• paid-time off including vacation, sick leave, short term disability, and family care responsibilities
• access to our Employee Assistance Program
• incentive compensation including eligibility for annual performance-based awards
• eligibility for certain tax advantaged savings plans
• inclusive development opportunities
• flexible work-life support
• paid volunteer days
• vibrant employee networks