Information Security Officer - Global Technology Services, Vice President

The Vice President, Infrastructure Security Officer is accountable for providing enterprise‑level cyber risk leadership across infrastructure platforms, including on‑premises, cloud, and hybrid environments. Operating within the first line of defense, this role partners with infrastructure, technology, and cybersecurity leadership to ensure infrastructure services are secure, resilient, and compliant with regulatory and internal risk standards.

This VP serves as a senior risk advisor and trusted partner to infrastructure owners, influencing architecture, control design, and remediation prioritization while balancing security, operational resilience, and business enablement.

Key Responsibilities

* Provide senior‑level cyber risk oversight for enterprise infrastructure platforms, including compute, storage, network, virtualization, identity, and cloud services.

* Act as the primary cybersecurity risk partner to infrastructure and platform executives, advising on design decisions, material change initiatives, and risk acceptance.

* Drive consistent application of security‑by‑design and resilience principles across infrastructure strategy, architecture, and lifecycle processes.

* Lead infrastructure cyber risk assessments, control gap analysis, and risk prioritization aligned to enterprise risk appetite and regulatory expectations.

* Oversee execution and tracking of material risk remediation efforts across infrastructure domains, ensuring transparency and escalation where required.

* Provide leadership during infrastructure‑related cyber incidents, including decision support, impact assessment, and post‑incident improvements.

* Partner with global cybersecurity functions to influence standards, patterns, and tooling related to infrastructure security (e.g., vulnerability management, IAM, logging, cloud security).

* Present infrastructure cyber risk, trends, and material issues to senior management and governance forums in clear business‑relevant terms.

Required Qualifications

* Significant experience in infrastructure cybersecurity or technology risk leadership within large, complex enterprises, preferably in regulated financial services environments.

* Strong understanding of enterprise infrastructure architectures and associated security risks across on‑prem, cloud, and hybrid models.

* Proven ability to lead risk‑based decision‑making, including control design, remediation prioritization, and risk acceptance discussions at senior levels.

* Demonstrated success influencing senior infrastructure and technology stakeholders without direct line authority.

* Strong communication skills, with experience translating technical infrastructure risk into business and regulatory impact.

* Senior‑level experience with public cloud security (AWS, Azure, and Oracle) and cloud governance models.

* Familiarity with infrastructure automation and Dev Ops/IaC from a security and control perspective.

* Experience operating within regulatory or industry frameworks (e.g., NIST, ISO, DORA, FFIEC).

* Background supporting large‑scale infrastructure transformation initiatives (e.g., data center exit, cloud migration, resilience uplift programs).

* Fluency in English required, Mandarin proficiency highly desireable.

Key Attributes

* Executive presence with strong risk ownership mindset

* Pragmatic, outcome‑focused approach to security and resilience

* Trusted advisor capable of constructively challenging design and delivery decisions

* Comfortable operating in highly regulated, high‑visibility environments

Salary Range:

$120,000 - $217,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee…