Your Opportunity
Managing Director, Cybersecurity Risk Management
The Managing Director, Cybersecurity Risk Management is a senior leadership role reporting to the Head of Technology Risk Management within Corporate Risk Management, the firm's second line of defense. This leader is accountable for the design, governance, and independent oversight of cybersecurity and data risk policies, frameworks, measurement, reporting, and assessment processes. The role requires broad, multidisciplinary expertise across cybersecurity, information technology, data governance, digital assets, and governance, risk, and control.
Key Outcomes:
Leadership Capabilities:
What you have
Required Experience:
12 years minimum of broad cybersecurity expertise, with deep knowledge across infrastructure, cloud, threat management, insider risk, data, and digital assets in a diversified financial services environment of comparable scale and complexity.
Significant leadership experience in cybersecurity, technology risk, information security, or related second-line risk management roles within a large, regulated financial services institution.
Demonstrated ability to design, govern, and mature enterprise risk management frameworks, policies, standards, controls, and reporting processes.
Proven experience providing independent oversight and credible challenge to first-line technology, cybersecurity, cloud, data, and infrastructure teams.
Deep understanding of regulatory expectations for cybersecurity and technology risk management, including experience engaging with regulators, internal audit, and senior risk committees.
Experience leading risk assessments, issue management, control evaluations, and remediation oversight across complex technology environments.
Strong executive presence, with the ability to communicate complex cyber and technology risk issues clearly to senior leadership, boards, regulators, and cross-functional stakeholders.
Experience building or leading high-performing teams with specialized expertise across cybersecurity, data risk, cloud risk, threat management, and risk analytics.
Familiarity with emerging technology risk areas, including AI, digital assets, cloud transformation, third-party technology risk, and evolving cyber threat landscapes.
Cybersecurity Certifications Preferred: CISSP, CISM, CRISC, or equivalent