Job offer
Regulatory Penetration Testing Lead, Managing Director
The Regulatory Penetration Testing Lead (Managing Director) at State Street is responsible for coordinating and leading regulatory penetration testing and will lead a team of experts to strengthen the company's security resilience against cyber threats. The ideal candidate will have experience in offensive security, threat modeling, and security assurance methodologies.
Job description
Tasks
- Strategy and Leadership:
- Develop and implement a global strategy for all security testing in coordination with senior global cyber security executives.
-
- Act as the primary subject matter expert for global threat-driven penetration testing activities, identifying unique requirements across different jurisdictions and ensuring the successful execution of testing activities.
-
- Engagement with internal stakeholders to understand the results of threat-driven penetration testing in the context of the larger control environment
-
- Maintain a global overview of test coverage, risk trends, and program maturity; provide strategic recommendations for improvements
- Program management and execution:
- Lead a team of internal and external subject matter experts and project managers on test design, execution, and support for control owners
-
- Test lifecycle design, development, engagement rules, and reporting guidance
-
- Work closely with control owners and business units to understand the results of threat-driven penetration testing activities.
-
- Collaborate with global cyber security and infosec teams to analyze test results in the context of the global threat landscape and control environment
Requirements
We appreciate
- Strong leadership skills and situational decision-making
- High level of attention to detail and analytical rigor
- Ability to inform and influence in a global environment
- Pragmatic problem solving with a risk-based mindset
- Commitment to high ethical standards
Education & preferred qualifications
- 10+ years of experience in cybersecurity disciplines, including but not limited to penetration testing, exploit development, threat modeling and control design, cyber threat intelligence, threat hunting, and incident response
- Experience in the financial services industry
- Experience with security standards and frameworks
- Relevant industry certifications such as OSCP, OSCE, GPEN, and/or CPT
Further requirements
- Occasional travel
Salary
- $170,000 - $282,500 annually
Benefits
- Comprehensive benefits program, including:
- Company pension plan (401(k)) with company contribution
- Insurance coverage, including medical, dental, vision, and long-term disability insurance
- Paid leave, including vacation, sick leave, short-term disability, and family care compensation
- Access to the Employee Assistance Program
- Incentives and rewards (including eligibility for annual performance bonuses and/or sales incentive plan)
Job details
Training opportunities powered by skillaware.