Vice President, Information Security full Stack Engineer

Job Description

At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting‑edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

We’re seeking a future team member for the role of Vice President, Information Security Full Stack Engineer to join our Cyber Technology team. This role is in New York, NY / Pittsburgh, PA
.

• Build and maintain full‑stack web applications and services using modern engineering patterns.
• Design and consume REST and gRPC APIs with an emphasis on reliability, security, and maintainability.
• Apply secure coding standards (input validation, authentication/authorization, dependency hygiene, secrets handling).
• Support vulnerability remediation efforts by addressing findings from scanning tools and security reviews.
• Create dashboards and reporting experiences that provide actionable insights (control health, risk posture, remediation progress).
• Automate recurring operational processes to improve efficiency, reduce human error, and increase auditability.
• Collaborate with IAM, network security, endpoint, and governance teams to align applications with security strategy and controls.
• Participate in security assessments and contribute to compliance efforts aligned with organizational standards.
• Independently diagnose and resolve issues across the stack (frontend, backend, CI/CD, environments).
• Contribute to documentation, runbooks, and operational best practices as needed.
• Practical application of Dev Ops/CI/CD and SDLC best practices including code reviews, testing, and release pipelines.
• Leverage modern AI‑assisted development tools to improve code quality, velocity, and maintainability where appropriate.
• (Position Summary) The Vice President, Information Security plays a pivotal role in safeguarding BNY's information assets by developing, implementing, and managing security strategies.
• (Primary Responsibilities) Develop and implement comprehensive information security strategies; conduct regular security assessments and audits; collaborate with cross‑functional teams; monitor emerging security threats; lead incident response; educate employees on security best practices.
• (EDUCATION/QUALIFICATIONS) Bachelor's degree in Information Security, Computer Science, or related field; advanced certifications such as CISSP or CISM preferred.
• (EXPERIENCE) Typically 6–10 years of experience in relevant roles.
• (SKILLS) Strong analytical and problem‑solving skills; excellent communication and collaboration capabilities; proficiency in security tools and technologies.

• Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent work experience.
• 6 to 10 years of experience in software engineering with hands‑on delivery and a deep understanding of a programming language such as C#, Java, Python (or similar).
• Experience developing APIs and integrations (REST/gRPC), including testing and basic observability (logs/metrics).
• Hands‑on experience with React or Angular (Swift
  
  UI experience is a plus).
• Familiarity with vulnerability management concepts and secure SDLC practices.
• Awareness of common application security risks (OWASP Top 10) and how to mitigate them.
• Practical understanding of core networking protocols and enterprise environments (TCP/UDP, SNMP, firewalls, proxies).
• Working knowledge of Windows and Linux administration fundamentals.
• Experience using Python scripting to automate workflows and integrate systems/tools.
• Familiarity with IAM concepts (SSO, MFA, RBAC, OAuth/OIDC) and general Zero Trust principles.
• Strong problem‑solving and communication skills; able to deliver independently while collaborating in a team.

• Experience building dashboards and reporting (security KPIs, trend reporting, operational metrics).
• Familiarity with cloud platforms and containerization (Docker/Kubernetes) and secure…