BNY Mellon Careers
Senior Group Manager - Information Security
- Responsible for overall planning, development, implementation, and oversight of the legal entity information security initiatives and cybersecurity services program.
- In collaboration with the ISD & legal entity management, the incumbent will assume overall responsibility for developing and maintaining the legal entity information security road-map for ensuring the security of technology services, computer systems, data networks, and data
- The incumbent will be required to baseline the existing set of information security practices & controls at the legal entity, define the maturity model in sync with the cybersecurity services program and drive the maturity model implementation program within the agreed timelines. Manages all changes to the scope and requirements through a formally defined change control process. Defines and manages the lifecycle from project initiation through to program closure.
- Provide strategic and technical guidance and assistance in the design and implementation of appropriate security processes for the legal entity information systems, recommend and monitor computing practices to prevent and recover from security breaches and handle breaches when they occur with the appropriate sense of urgency
- Work collaboratively with legal counsel, risk & compliance, data custodians, and the technology teams to establish information security programs, including: information security policy, practices, and standards; information security response and management, risk assessment and management of information security related IT architecture
- Point of contact for local business lines, partners and regulators for the information security activities and cybersecurity services program.
- Provide direction, support and in-house consulting in the information security areas for the legal entity
- Understand the IT threat landscape for the industry and ensure continued compliance with laws and applicable regulations
- Communicating with executive management to ensure support for the information security strategy and provide updates to relevant boards and committees where required
- Become a trusted business adviser and brief the executive team on information security risk management, including strategy and necessary budget
- Lead the execution and delivery of any entity level information security projects
- This position will also coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event
- Provide a local point of contact to the information security incident management process
- Provide feedback into the ISD cybersecurity strategy and services to ensure legal entity requirements are met including the definition of tailored products and services
- Contributes to the achievement of ISD objectives
- Assists in the development and review of policies regarding CTS security architecture, security monitoring and auditing, incident reporting/response and forensics.
- Leads and oversees broad information security projects and resourcing. Liaises with business process owners to ensure ongoing alignment. Participates in the planning and implementation of security for complex Technology projects.
- Assists in the evaluation of security applications and systems. Presents recommendations on whether to use systems to senior management. Demonstrates advanced ability to conduct cost-benefit analysis to justify investment in security and/or COB controls to mitigate risks.
- Presents advanced analyses to senior management with recommendations aligning customer/business needs and capabilities. Evaluates new and emerging products and technologies, recommending which technologies to implement, develops functional specifications and documentation. Monitors budgets and schedules for projects conducted by teams and ensures they are completed in a timely manner.
- Recruits, directs, motivates and develops staff, maximizing their individual contribution, their professional growth and their ability to function effectively with their colleagues as a team.
- Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred
- 12 years of extensive experience in information security or related technology experience required, experience in the securities or financial services industry is a plus
- Extensive knowledge of and experience in information security
- Financial Services background highly desirable
- Security certification is beneficial, such as CISM, CISSP, CRISC, CISA
- Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies
- Demonstrated experience with developing and maintaining information security policies.
- Experience with information security related issues involving identity and access management, intrusion detection, forensics, incident management, risk management and/or auditing.
- Excellent verbal and written communication skills, including the ability to explain technical concepts to audiences with a wide range of technical skills
- Leadership, collaboration and conflict resolution.
- Ability to work independently as well as in a team-oriented, collaborative environment
- Ability to deal efficiently and effectively with a wide range of vendors
- Ability to work effectively with staff from a variety of diverse backgrounds
- A passion for technology and security safeguarding with a desire to deliver
- Thrives on change, showing an impressive ability to drive the Information security strategy forward
- Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
- Strong customer focus – able to meet the demands of internal and external customers
- Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
- Technical experience in network administration, system administration, application development, database administration, and/or data center operations.
For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments & safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark: bnymellon.com/careers.
Client Technology Solutions provides our business partners with client-focused, technology-based solutions. These enhance their ability to be successful through world-class software solutions and leading-edge infrastructure. Client Technology Solutions provides employees with the tools and resources to enhance their professional qualifications and careers.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.
Primary Location: United States-New Jersey-Jersey City
Internal Jobcode: 45316
Job: Information Technology
Organization: Information Security-HR11724
Requisition Number: 1714293