Who we are looking for

State Street's Global Cyber Security (GCS) Third Party Cyber Risk Management (TPCRM) program seeks to mitigate a variety of third-party information security risk in accordance with the Bank's cyber risk appetite. Through a framework that addresses policy, process, operations, people, and technology, GCS protects our infrastructure, company data, and customer assets while ensuring alignment with applicable global regulations and laws.

State Street's TPCRM organization is seeking a Third Party Risk Analyst (Officer) in the area of Cyber Security for the Third-Party Cyber Security Assessments team. The role activities include assessing, verifying, and reporting on the effectiveness of information/cyber security related safeguards of a third party's corporate information security program.

What you will be responsible for

• To thoroughly perform cyber/information security assessments of third-party service providers enterprise using State Street's risk management framework and cybersecurity assessment methods for vendors of varying sizes and complexities.
• Review/analyze third party attestation and certification artifacts (SOC2, SIG, NIST, ISO 27001/2 Certifications, etc.) shared by third parties to identify the information security risks
• Document assessment results consistent with State Street's TPCRM, Issue Management and Enterprise Risk Management standards
• Provide subject matter expertise in the Third-Party information security program and provide timely recommendations to identified problems

What we value

These skills will help you succeed in this role

• 10 years of experience working in Cyber/Information Security/ Third Party Cyber/Information Security Assessment or Cyber Security Assessments
• Knowledge of security and risk management frameworks as well as and regulations such as ISO 27001/27002, NIST, FRB/OCC Third Party Risk Management Guidelines, FFIEC Security Handbook, GDPR, DORA, etc.
• Superior attention to detail with excellent written and both verbal communication and presentation skills
• Expertise in writing technical and risk management reports.

Education & Preferred Qualifications

• Bachelor's and/or Master's degree in Cybersecurity, Law, Privacy, Enterprise or Operational Risk Management preferred
• CISA, CISM, CISSP, SECURITY + or equivalent is preferred
• Demonstrated critical thinking and analytical skills. Ability to unwind complex cyber/information security issues for a variety of technical and non-technical audiences
• Strong understanding of information security domains and possesses a well-rounded security and risk management background

Work Requirement

This will be strictly onsite.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on U.S. jobs at StateStreet.com/careers

IMPORTANT: The paragraph is added here only for your information. DO NOT add this in the job description. Workday will automatically add this to the job postings

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at

Read our