Who are we looking for:

State Street’s Global Cyber Security organization is seeking an experienced technical manager to lead a team focused on regulatory penetration testing. The Managing Director of Regulatory Penetration Testing will be responsible for coordination and management of the full lifecycle of regulatory penetration testing activities, from initial notification through test design and implementation, as well as follow-on support to stakeholders across the enterprise. The ideal candidate will leverage a deep background in offensive security, threat modeling, and security assurance methodologies to help enhance the firm’s resilience against an evolving cyber threat landscape.

What will you be responsible for:

• Strategy and Leadership
  • In coordination with senior Global Cyber Security leaders, develop and implement a global strategy for all security testing
  • Serve as the primary subject matter expert in global threat-led penetration testing activities, identifying unique requirements across jurisdictions and ensuring successful execution of testing activities
  • Lead engagement with internal stakeholders to understand the outputs of threat-led penetration tests within the context of the larger control environment
  • Maintain a global view of testing coverage, risk trends, and program maturity, providing strategic recommendations for improvement
• Program Management and Execution
  • Manage a team of internal and external subject matter experts and project managers across test design, execution, and follow on testing support to control owners
  • Lead testing lifecycle design, including overall scope definition, rules of engagement, and reporting
  • Work closely with control owners and business units to understand the results of threat-led penetration testing activities
  • Coordinate with Global Cyber Security and lines of defense peers to analyze test results in the context of the global threat landscape and controls environment

What we value:

• Strong leadership and situational decision-making
• High attention to detail and analytical rigor
• Ability to inform and influence in a global environment
• Pragmatic problem-solving with a risk-based mindset
• Commitment to high ethical standards

Education & Preferred Qualifications

• 10+ years of prior experience within cybersecurity disciplines, including but not limited to penetration testing, exploit development, threat modeling and controls design, cyber threat intelligence, threat hunting and incident response
• Prior cybersecurity experience within the financial services sector
• Prior experience working with security standards and frameworks
• Relevant industry certifications such as OSCP, OSCE, GPEN, and GWAPT

Additional Requirements

• Occasional travel

Salary Range:

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers

Read our CEO Statement

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.