State Street Information System Security Analyst, AVP in Krakow, Poland
Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.
Our promise to maintain an environment where every employee feels valued and able to meet their full potential infuses our company values. It’s also part of our commitment to inclusion, development and engagement, and corporate social responsibility. You’ll have tools to help balance your professional and personal life, paid volunteer days, and access to employee networks that help you stay connected to what matters to you. Join us.
State Street’s Corporate Information Security (CIS) group plays a key role in the bank’s enterprise third party/vendor risk management function. The CIS vendor risk team is seeking an experienced third party risk analyst to conduct information security risk assessments of critical suppliers.
This role will:
- collaborate with supplier relationship managers to help document the inherent risks in certain third party relationship and the controls in place to ensure a secure and compliant engagement
- be responsible for reviewing security controls and/or regulatory compliance measures present at high and critical-rated Third Party Providers utilized by State Street
- develop reports to help CIS management, business line management and other risk-related stakeholders understand the status of ongoing assessments, the actions required to remediate risks, and the risk posture of certain business units as it relates to vendors
- collaborate with State Street’s Legal and Procurement groups to ensure that contracts with third parties reflect an appropriate level of control for IT/security risks.
In this role, the analyst must be capable of influencing courageously at all levels of the organization to ensure that third party relationships strike an effective balance between business and security requirements.
- 3 to 6 years of prior IT Audit or Information Security experience, particularly in a role related to third party risk assessment
- Familiarity in reviewing SSAE16 and other independent reports, and a strong knowledge of applicable federal and state privacy/security laws and accreditation standards
- Proven ability to translate complex regulations (ISO, SOX, NIST, UK PRA, EU Data Directive, HIPAA, and PCI, etc) into clear, easily understood action plans
- Effective written and oral communication skills
- Strong negotiation skills
- Ability to train others in security concepts
- Ability to synthesize data about to information risks to identify hidden trends and themes, and to communicate this information to internal stakeholders
- Industry certification a plus (CISSP, CISA or CISM, etc)
Bachelor’s or master’s degree in computer science, management information systems, business administration, or related discipline
State Street Job ID: 166514
To apply to this position, follow the "apply now" link. To locate this position in our application page, please use the KEYWORD search functionality and insert either the State Street Job ID or the Location.
Job Title: Information System Security Analyst, AVP
Job ID: 166514
Full/Part Time: Full FTE
Location: Poland - Krakow