Governance Lead, SaaS Security - Charles River - Vice President
Who we are looking for
We are looking for an experienced, hands-on Security Governance Lead for CRD SaaS team, who will play the key leadership role in defining, implementing and operating security, compliance, identity management and governance processes and controls across managed hosting and Microsoft Azure platforms, facilitating secure and efficient SaaS management and operations. Why this role is important to us
The team you will be joining is a part of Charles River Development (or CRD), that became a part of State Street in 2018. CRD helps create enterprise investment management software solutions in a Software as a Service (SaaS) for large institutions in the areas of institutional investment, wealth management and hedge funds. Together we have created first open front-to-back platform - State Street Alpha, that was launched in 2019. In this role you will help our team to provide agile security governance to SaaS clients. What you will be responsible for
As a SaaS Security Governance Lead for CRD SaaS team you will:
What we value
- Plan, automate and operate processes and controls across SaaS client deployments to tackle security, compliance, technical and business challenges, while taking into account SaaS clients business requirements.
- Oversee, plan and automate identity management process and workflows, such as on-boarding and termination, for Windows Active Directory and Azure Active Directory.
- Develop polices to ensure adherence to information security standards such SOC 2, ISO 27001, NIST etc.
- Track the security and governance KPI's for SaaS clients deployments.
- Manage complex support relationships with key vendors, including managed hosting providers.
- Collaborate with internal Risk and Compliance team to manage informational risks and compliance efforts
- Liaison with internal SaaS services owners to identify and mitigate security risk, threats and vulnerabilities
- Assist with integrating Threat Modelling practices to identify, quantify and prioritize the threats mitigations
Education & Preferred Qualifications
- Strong experience developing automation with PowerShell, Azure CLI or Python, familiarity with Microsoft Azure API's to implement continuous governance and security processes and controls.
- Knowledge and hands-on experience with Microsoft Active Directory, Azure Active Directory (AAD), and Azure IaM and RBAC.
- Security engineering experience; which includes requirements analysis, software systems development, network security architecture concepts (topology, protocols, firewalls, demilitarized zones, encryption).
- Familiarity with developing Azure governance and security baselines using Azure Policy.
- Good understanding of monitoring, alerting and Microsoft Azure resource life cycle management
- Applicable knowledge of Cloud Governance, Cloud Security, Data Protection and Network Security, Application Security, familiarity with Containers and Windows/Linux OS security.
- Familiarity with cyber-security capabilities (SIEM, SOC, Vulnerability Management, Threat intelligence etc.)
- Familiarity with Microsoft Azure Well-Architected Framework and security standards such as NIST and CIS.
- Analytical skills to analyze, govern and secure the SaaS business processes
About State Street What we do.
- Bachelor's degree in Computer Science, Information Security or relevant technical field, Master's preferred
- 10+ years in Security engineering, Information Security, Cloud management and governance
- Hands-on experience managing and operating workloads in Microsoft Azure
- Hands-on experience with Windows AD and Azure AD
- Certifications: Azure Security Engineer Associate, the CSA Certificate of Cloud Security Knowledge (CCSK), CISSP.
State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients. Work, Live and Grow.
We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in locations, but you may expect generous medical care, insurance and savings plans among other perks. You'll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential. Inclusion, Diversity and Social Responsibility.
We truly believe our employees' diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome the candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift program and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Discover more at StateStreet.com/careers