Technology Risk & Processes - Enterprise Technology Risk Management, Vice President
State Street•Quincy, MA
About The Position
The Enterprise Technology Risk Management (ETRM) organization is part of the Enterprise Risk Management organization in State Street Corporation (SSC). ETRM, as a Second Line of Defence (SLOD), is responsible for thought leadership, oversight, monitoring, and advisement around the discovery and remediation of Technology Risk and Cybersecurity Risk. This role is critical to establishing a world-class Technology and Cyber Risk Management Oversight program that aligns business and technology strategies for effective decision-making. As the organization undergoes significant transformations and risk reduction initiatives, this role will provide thought leadership and support to both ETRM peers and first-line stakeholders (business and corporate areas).
Requirements
- Over 10 years of experience in the financial services or technology sectors.
- Experience in IT audits or risk assessments, Information Technology General Controls (ITGC) and cybersecurity controls.
- Familiarity with Information Security Frameworks (e.g., NIST, ISO 27000, CSA Cloud Control Matrix) and ITIL practices.
- Experience with regulatory exams and responses is strongly desired.
- Experience in AI adoption and AI risk management.
- Ability to articulate technical issues to non-IT stakeholders and business perspective to IT stakeholders.
- Strong communication, negotiation, and presentation skills, with cross-cultural competencies.
- Minimum 10 years of experience in the financial and/or technology industries.
- Strong project management, critical thinking, problem-solving, and decision-making abilities.
- Experience in IT risk management, compliance or audit, including control framework design & implementation.
- Flexibility to accommodate business hours across EMEA and global teams.
- Strategic mindset to connect various aspects and initiatives for a holistic risk and control environment.
- Ability to be a strong voice for review and challenge while continuing to maintain positive relationships with stakeholders.
- Strong multitasking skills and ability to navigate competing priorities.
- Effective relationships management across diverse cultural groups.
Nice To Haves
- Prior experience with regulators is desired.
- Experience in Technology and Resilience is required.
- Professional IT certifications, e.g., CGEIT, CISA, CISM, CISSP, CCSP, COBIT, CRISC and ITIL would be advantageous.
- Experience with data analytics and GRC tools, including Tableau and Power BI, is a plus.
- Undergraduate or advanced degree in a technology discipline.
Responsibilities
- Lead and support functions within the ETRM Service Catalogue, including real-time risk oversight, technology targeted risk assessments, Material Risk Identification, Regulatory Audit and Client Engagements, and Risk Reporting.
- Advise and/or support on technology risk and regulatory matters.
- Collaborate with ETRM Risk professionals to align with the broader Enterprise / Operational Risk Management Programs and mandates at a global level.
- Develop and maintain relationships with Business and IT stakeholders.
- Partner with other second-line stakeholders within the ERM team to assure the firm’s technology risks and non-compliance are proactively identified, prudently managed (monitored and effectively challenged).
- Develop effective communication channels for measuring and escalating technology risk exposure.
- Evaluate IT Security risks arising from control inefficiencies.
- Participate in due diligence for new clients, vendors, and M&A activities.
- Monitor emerging technology risks and trends in financial services.
- Deliver assignments and projects independently and on time.
- Prepare presentations for Management, Risk committees, and Board meetings.
- Oversee governance, policy, and framework execution across technology processes, ensuring alignment with frameworks.
- Support the development of technology risk oversight and embed ETRM and practices.
- As needed, interact with regulators in alignment with the ETRM program.
- Support reporting for the committees/Boards with appropriate and timely information.
- Foster a culture of effective challenge throughout the organization.
- Provide consulting on technology risk management and ongoing guidance aligned with ETRM strategy.
- Stay informed on regulatory developments and their impact on State Street.
- Conduct training in technology risk management.
Benefits
- Our retirement savings plan (401K) with company match
- Insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
- Paid-time off including vacation, sick leave, short term disability, and family care responsibilities
- Access to our Employee Assistance Program
- Incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans)
- Eligibility for certain tax advantaged savings plans
- Inclusive development opportunities
- Flexible work-life support
- Paid volunteer days
- Vibrant employee networks
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
