The Cyber Shared Services Manager will oversee the development and implementation of program and practices related to cyber security shared services. The Cyber Shared Services Manager is responsible for coordinating with each information security domain owner to roll out security services and coordinate with each group company to agree on the level of service.

– Develop, implement, and manage the overall cyber security shared service catalog in coordination with the domain owners (e.g., identity access management, systems engineering, security operations). Coordinate with domain owners to prioritize their security shared service roll out and adoption by group companies.

– Act as the global central point of contact for all cyber security shared services for each group company, cyber security, and across the three lines of defense. Coordinate with group companies to define formal service level agreements and monitor adherence.

– Development of a plan after determining which metrics should be rolled out first in coordination with domain owners. Define, review, and update thresholds, SLAs as needed.

– Oversee the implementation of security self-service center (e.g., ticketing system)

– Operationalize metrics and reporting to track and monitor the level of service and drive towards automation.

– Understand issues with shared service delivery and coordinate to resolve in efforts to maintain appropriate level of service.

– Drive to operationalize shared services and regularly report to management (e.g., CISO) on progress.

– A college degree (BS/MS)

– Combined 15+ years’ experience across information security (IS), IT / IS operations, and IT / IS service delivery. Strong understanding of cyber security capabilities and operating in an environment which delivers cyber security as a service.

– Strong understanding of Banking & Securities processes and ability to translate cyber security risks into business implications.

– Right perspective, i.e., finds the right balance between business needs, innovation and cyber security requirements.

– Ability to interface with top management as well as the diverse cultures of domestic and international.

– Excellent communication skills, writing and public speaking.

– Strong understanding of cyber security practices in Banking.

– Experience with IT Service Management technology and metrics & reporting including knowledge of ServiceNow, Tableau, or similar types of ticketing and reporting technology.

– Knowledge of information security tools / processes including identity governance & administration (e.g., AzureAD Identity Governance), privileged access management (e.g., CyberArk), Vulnerability Management etc.

Additional Requirements

– D&I Commitment

– Responsible for fostering a culture of diversity and inclusion, holding leaders accountable for creating an inclusive environment through awareness and practice of equity in recruiting, developing, and promoting diverse talent.