IT (Cyber) Audit

IT (Cyber) Audit (State Street Bank and Trust Company; Boston, MA): This cyber auditor position will be responsible for working closely with peers for infrastructure, security, and application audit while working with a diverse global team. Collaboration with State Street’s cyber security organization is essential. Will strive for cutting-edge solutions, that are straightforward and scalable as well as build resilience and execute day to day deliverables. Will join a growing team that is focused on building leading practices. Specific duties of the position include: Manage the planning, assessment, testing and reporting phases of cyber audits and cyber focused validation activities; Work as part of an international team, collaborating closely with global peers for infrastructure, security, and application and business audit; Maintain a thorough knowledge of cyber risks, changes in the regulatory environment pertaining cyber, and innovative assurance approaches; Develop and maintain relationships with key stakeholders across the organization, including the banks' cyber security organization; Communicate audit progress, findings and recommendations effectively to senior management; and Prepare and review audit work papers to ensure compliance with the division’s audit methodology. Hybrid remote telecommuting permitted pursuant to Company policy.

Minimum Requirements: Bachelor's degree or equivalent degree in Information Technology, Computer Science or a related field; plus 5 years of experience auditing information security or cyber risk management. Alternatively, will accept a Master's degree or equivalent degree in Information Technology, Computer Science or a related field; plus 3 years of experience auditing information security or cyber risk management.

Must have: A deep understanding of cyber risks processes, controls, industry standards, and a strong knowledge of NIST, MITRE, and Defense in Depth concepts; Audit or assurance experience working in the banking or financial services industry or other regulated industries; Expertise in evaluating cyber security risks and the ability to develop and implement effective audit testing strategies with a strong understanding of regulatory compliance requirements for the banking industry; Strong knowledge of Cyber and Cloud technologies and tools, Identity and Access Management, Security Incident and Event Management (SIEM) technologies and cyber operations, and incident and response processes. (Unless otherwise indicated, State Street is seeking the stated ability in the skills listed above with no specific number of years or amount of experience required. All experience can be gained concurrently.)

To apply to this position, you must click the “Apply” button on this page and complete the online application.  An EOE.

#LI-DNI

Salary Range:

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.