Director, CYBER THREAT SIMULATION - Global Lead

New York, NY, United States Job Description At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting‑edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary. We’re seeking a future team member for the role of CYBER THREAT SIMULATION – Global Lead to join our Cybersecurity Platform team. This role is in New York City, NY. In this position, you will lead and develop the Cyber Threat Simulation Service – providing day‑to‑day direction, coaching, and performance feedback – to deliver high‑impact exercises and reporting. The Cyber Threat Simulation team delivers best‑in‑class cyber simulation exercises to facilitate internal training and to clients as required. In addition, we provide realistic phishing simulations and targeted spear‑phishing campaigns. This includes planning, executing and preparing reports for BNY’s Cyber Threat Simulation program. The service plays a critical part in strengthening the firm’s human defense layer by delivering realistic simulations and data‑driven insights that reduce user susceptibility and improve cyber awareness. The role combines operational execution, scenario design, analytics, automation, and stakeholder engagement, and works closely across Cyber Security to include, but not limited to, SOC, Threat Intelligence, Learning, and Communications teams. Responsibilities Lead facilitation of cyber security simulation exercises for audiences that may include senior management and executives; set the tone, pace, and engagement model for the session, while coaching team members on facilitation techniques. Serve as the people leader for simulation development when not facilitating, including assigning work, reviewing deliverables, and driving scenario conception, design, and continuous improvement of exercise content and delivery. Lead and/or assist in the planning and preparation for exercises in conjunction with participating lines of business to determine requirements, manage stakeholders, tailor exercises as required, and coordinate team resourcing and timelines. Lead post‑exercise analysis to translate simulation findings into actionable lessons learned/observations with line of business participants; accountable for producing and quality‑reviewing debrief materials and reports, and for providing coaching feedback to team members to improve future delivery. Manage and develop team members through hiring/onboarding support, goal setting, regular 1:1s, performance feedback, and training plans to build a strong facilitation and analysis bench. Lead and/or assist in the design, build, and execution of both quarterly global phishing tests for employees, contractors, and consultants and targeted spear‑phishing simulations for high‑risk populations based on role, access, threat intelligence, and prior susceptibility. Execute and maintain the phishing testing consequence model, including instant education, remediation training workflows, repeat‑offender tracking, and escalation processes. Collaborate across Cybersecurity Operations to develop simulations informed by real‑world threat intelligence, emerging attacker techniques, and business‑relevant events. Support automation and tooling enhancements for simulation and exercise development, campaign execution, consequence model execution, reporting, etc. Analyze results to identify risk patterns, high‑risk populations, and opportunities for targeted intervention. Partner with Cyber Awareness, Learning, and Communications teams to integrate phishing testing outcomes into broader awareness initiatives. Maintain documentation, operating procedures, and testing standards. Qualifications 12+ years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus. Bachelor’s degree in computer science or related discipline, or equivalent work experience required, advanced degree preferred. A confident, polished presenter and lead facilitator, able to pivot quickly and adapt during a simulation to maintain tempo and steer discussion toward outcomes; able to coach others to deliver the same standard. A strong understanding of data analysis (ability to draw actionable conclusions) and data presentation, translating complex findings into clear narratives for senior stakeholders. Ability to confidently engage, influence, and build credibility with senior leadership and clients as required. Demonstrated people‑management capability (direct or matrix), including setting expectations, running regular 1:1s, supporting hiring/onboarding, providing performance feedback, and guiding career development. Scrupulous attention to detail with ownership for quality standards across scenarios, facilitation materials, and reporting. Proactive and self‑motivated to work ahead of deadlines, doing what it takes to do the job well and above expectation; experienced in people leadership, including coaching, delivering candid feedback, and creating development plans that raise overall team capability. Experience in information security or technology risk and the securities or financial services industry. Experience in cyber simulation planning and execution, including scenario development, scenario design and post‑event analysis and reporting. Strong understanding of phishing, social engineering techniques, and human‑centric cyber risk. Hands‑on experience designing or executing phishing simulations, security awareness programs, or related cyber defense activities. Ability to analyze data and translate results into clear insights for technical and non‑technical audiences. Preferred Qualifications Experience working with cyber threat simulation platforms and security awareness tooling. Experience supporting global programs with diverse user populations and regulatory considerations. Exposure to automation, dashboards, or analytics tools used in cybersecurity programs. Relevant security or risk certifications (e.g., CISSP, GIAC, SANS, or equivalent) are a plus but not required. Benefits and Rewards BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay‑for‑performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer – Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans. Compensation BNY assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $147,000 and $310,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNY total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long‑term incentive packages, and company‑sponsored benefit programs. This position is at‑will and the company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, company or individual department/team performance, and market factors. Job Info Job Identification 76516 Job Category Information Security Posting Date 04/16/2026, 01:49 AM #J-18808-Ljbffr