GRC - IT Security Officer

Job Title

GRC - IT Security Officer-1

Role Summary & Role Description

The Information Security Management Program Team (ISRMP) is looking for an Analyst to assist in the GCS application security assessment process as a contributor in a team ensuring completion of reviews with consistency and accuracy.

Overall have 8-10 years of experience of which Possesses 3+ years of experience relevant to Governance, Risk and Compliance, experience working in Information Security or general IT areas related to risk management, controls assurance, compliance programs, cybersecurity and information security industry standards.

Core/Must have skills

Demonstrate robust knowledge and understanding of technology and security risks and IT general controls.

Identity control gaps and provide control solutions to mitigate risk where applicable & communicate with stakeholders to adhere to firmwide standards.

• GCS Analyst validates evidences provided by business against every milestone achieved from the remediation plan

• Relate compensating control to GCS standard and evaluate if measures adopted by business mitigate the self-identified risk to acceptable level

• GCS analyst reaches out to ISO/Business if compensating control is not convincing.

e.g.: If user recertification is not being performed, then there should be two factor authentication and dormant ids (inactive for more than 60 days should be auto disabled)

Independently validate remediation activities as documented by business to achieve resilient and secure networks, operating systems, and applications.

• GCS analyst evaluates responses and highlights contradictory responses. if responses do not align to GCS expectations, it is considered as a control failure/gap

• GCS Analyst is expected to provide detailed explanation on the standards requirement to Stakeholders

• If required, discuss control environment and suggest solutions to document identified issues

• Provide  independent observations on attached evidences and request for more information where applicable

Experience in interacting with various multi-disciplinary teams of professionals.

Effectively communicate with peers and management and obtain additional evidence where applicable

Build strong relationships with subject matter experts and other stakeholders to drive risk excellence

Contribute to monthly metrics and updates for issues designated to candidate.

Distribute monthly publications for Global Cyber Security management on ISRMP status of issues.

Service Now, MS Excel, PowerPoint, Archer, and SharePoint a plus

Good to have skills

Strong time management skills, problem-solving and critical thinking skills

Strong verbal and written communication skills

Prior knowledge of Service now tool and process a plus.

Experience working in the Financial industry preferred.

Experience working in Information technology/information Security is preferred.

Work Schedule

Hybrid

Keywords (If any)

ISRMP, Information Security, Risk Assessment, Application security, Integrated Risk Management Module,IRM, Governance, Risk and Compliance, general IT areas related to risk management, controls assurance, compliance programs, cybersecurity and information security industry standards.

Why this role is important to us

Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We’re driving the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.

We offer a collaborative environment where technology skills and innovation are valued in a global organization. We’re looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.

Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.

About State Street

What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we’re making our mark on the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.

Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance and savings plans, among other perks. You’ll have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.

Inclusion, Diversity and Social Responsibility. We truly believe our employees’ diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.

State Street is an equal opportunity and affirmative action employer.

Discover more at StateStreet.com/careers