Chief Information Security Officer - Managing Director

State Street seeks to recruit a Chief Information Security Officer - Managing Director to improve the overall protection of State Streets EMEA customers and partners from the evolving landscape of threat actors.

The EMEA CISO candidate must have experience driving security through leadership down through the organization on a large scale. This candidate should be a proven global cyber security leader who has experience in delivering on strategic outcomes with business operational quality and a focus on business needs. The candidate should have experience scaling security solutions to ensure sustainability and endurance throughout constant change. This leader will be part of a team responsible for ensuring the security of the business and functional teams in line with company and security policy, standards, and guidelines. The position will report to the SVP, Global Cyber GRC & GTS Tech Risk Mgmt Head.

This role will be based in the EMEA region for State Street.

What you will be responsible for

This leader will function at the Executive Leadership level for the EMEA region. Contribution to the development and progression of the Business exercise of connecting security into their strategic and tactical plans will be a critical success criteria. The CISO function will champion the Information Security mandate from the Global CISO acting as a critical partner guiding stakeholders to embed information risk management practices. The CISO candidate must be able to present to multiple audiences including external customers and clients. Critical measurements through developed KPIs reporting to the GRC team will also define business adoption to the Security framework governing State Street.

Key Responsibilities:

• Serve as key Security contact for the EMEA region leadership team.
• Collaborate with Global Cyber Security and assigned business partner teams to ensure the business aligns plans addressing security policies in their products and services.
• Work across the BISO Organization to appropriate shared success solutions.
• An ability to motivate and manage a team of information security staff supporting the organizations goals and an ability to lead the process of developing an information security vision for the future.
• An ability to cultivate and build collaborative working relationships with a broad range of enterprise stakeholders.
• Ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Drive change through the ability to effectively influence others to modify their opinions, plans, or behaviors.
• Perform Ad-Hoc security awareness to ensure region is fully aware of current threats facing the company.
• Provide security leadership presence at a number of risk committees on a cadence basis.
• Manage application risk and remediation prioritization based on a portfolio of regional assets.
• Review and present Phishing statistics with educational sessions on improvement tactics.
• Communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner.
• Consistently display working knowledge of the following areas of technical expertise: information policy formulation, information security management, business risk management, IT risk assessment and management.
• Communication laterally and upwards the business temperament to security requirements.
• Create visibility through effective security and risk metrics and reporting.
• Build budget in conjunction with needs to ensure success of the implementation of security within the regional area.
• Execute the implementation of Global Cyber Security strategies and tactics aligned to key State Street risk and business needs.
• Participate actively in key Risk decision committees and forums for consistent visibility into the state of security within the region.
• Create and deliver effective presentations as a means for communicating project and deliverable progress.
• Provide regular status updates to the SVP, GRC on business dealings affecting Security.
• Build and nurture positive working relationships with clients with the intention to exceed client expectations.
• Work cross-functionally with team members to support and drive a collaborative team environment down through the BISO community.
• Mentor and train team members on security processes, governance, and frameworks applicable to EMEA region.
• Provide business understanding of technical problems for highly executable remediation activities.

Desired Outcomes

• KPI development demonstrating success within the Regions security program.
• Adherence to all regulatory compliance mandates throughout the Business Unit.
• Security transformation of Business Unit staff improving overall security.
• Promotion of a collaborative team atmosphere for mutual success in business alignment to GCS requirements.

Key relationships:

• ISO Strategy and Transformation Lead
• Information Security Officers
• EMEA Business and Functional Leaders
• SVP, Cyber Fusion Center
• SVP, Cyber Architecture & Security Engineering
• SVP, Cyber Governance & GTS Tech Risk Mgmt Head
• EVP, Head of IT EMEA
• Cyber Transformation Office
• Collaboration with 3LOD - Compliance, Risk Management, Corporate Audit

Education & Preferred Qualifications

• 15+ years of experience in information security, a security-related field or other information risk management function.
• Strong experience within the Financial Services industry.
• Modern technical understanding and experience developing and implementing large-scale innovation.
• Extensive experience in strategic planning, budgeting, and allocation.
• Depth with modern technology stacks - data science, machine learning, cloud (hybrid).
• Project Management experience leading large and small technical teams.
• Experience operating in a regulated environment.
• Bachelors degree in a technical field.

Critical Leadership Capabilities

• Driving results
• Strategic Thinking
• Collaborating & Influencing
• Change Management
• Senior Executive communication
• Personnel Management
• Project Management

J-18808-Ljbffr