Fantastic opportunity to be a transformation leader!
Information Risk Officer (IRO) - BNY Mellon Investment Management
BNY Mellon Investment Management is one of the world's leading investment management organizations, and one of the top U.S. wealth managers, encompassing BNY Mellon's affiliated investment management firms, wealth management organization and global distribution companies. BNY Mellon's multi-boutique model encompasses the skills of world-class, specialized investment managers who are all leaders in their respective fields. Each is solely focused on investment management, and each has its own unique investment philosophy and process. We are an investment manager of choice for the world's governments, corporations, foundations, endowments, pension plan sponsors, advisors, intermediaries and mutual fund investors.
This is a unique opportunity that extends cybersecurity risk management into the business’ operational activities. This candidate would be working directly with senior executives within the Investment Management business to support the implementation of the cybersecurity risk management program, partner with our legal, technology, compliance and risk organizations to provide comprehensive solutions to complex and multi-faceted cybersecurity risks. This is not a technology role but one that incorporates people, process and technology to deliver fit-for-business solutions. The ideal candidate will have the opportunity to influence the development of the cybersecurity risk program across the IM organization.
The individual would report directly to the CSIRO of Investment Management and would direct cybersecurity activities for business mergers, acquisitions, and business partnerships as well as integrate the current cybersecurity program into the day-to-day business operations of our IM Center organization. This individual would support and manage the following initiatives:
· Primary point of contact for business units within the Investment Management Center on cybersecurity risk matters
· Integration of the IM Center business areas into the cybersecurity risk management services and programs
· Conduct cybersecurity reviews on Investment Management mergers, acquisitions, business partnerships and divestitures
· Partner with the IM Center business areas, legal, risk, compliance and technology areas to remediate identified cyber-risk
· Partner with the Senior Information Risk Officers (SIROs) to deliver the IM cybersecurity risk management framework
· Development metrics/reporting for all Investment Management boutiques
The ideal candidate will understand the investment management industry and/or financial services business vertical, have an understanding of the laws and compliance rules that govern investment advisers and broker/dealers, and have the business acumen to explain complex cybersecurity risks into business impacts.
· CISM and/or CRISC certification or the ability to obtain certification within 12 months
· 8+ years of cybersecurity risk management experience in 2 or more of the following cybersecurity risk areas:
o User Access Management
o Risk Assessment (including Vendor Risk Management)
o Security Awareness and Training
o Cybersecurity Risk Governance
o Incident Management and Response
· 5+ years in financial services or asset management industry experience
· Proficient understanding of the legal and regulatory framework for investment advisers and broker / dealers
· A collaborative approach to working with colleagues and strong interpersonal skills.
· Strong written and verbal communication skills; ability to be clear and concise.
· Strong project management and organizational skills.
· Very high energy level with the ability to be both a self-starter and a team player; proactive and performance-driven in a fast-paced, dynamic environment, akin to a start-up culture.
· Ability to navigate and thrive in a large, complex, global organization.
· Global acumen and experience working across borders, time zones and cultures.
· The executive presence to work with senior leaders within the BNY Mellon organization.