Cyber Risk & Third-Party Security Analyst

Who We Are Looking For:This opportunity is ideal for individuals interested in contributing to our team as a Security Analyst within State Street’s Global Technology Services organization. Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We’re driving the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies. The ideal candidate leads with integrity, embraces creativity, and invests in personal growth. This role requires a collaborative mindset, a passion for innovation, and the ability to inspire others.What you will be responsible forIn this role, you will perform the following day-to-day activities:Perform cyber due diligence assessments within State Street’s Third Party Cybersecurity Risk Management Program in alignment with current regulatory requirements and risk-based reviews including new engagements and ongoing monitoring of existing providers.Review and ensure quality and timely responses in support of State Street’s global internal business units by providing accurate and in-depth due diligence risk assessments of third-parties holding data outside of State Street’s controls. The analyst is expected to evaluate how the third party supports and provides services to State Street and how their features affect State Street SecurityAssist with initial and recurring reviews of third-party Security Schedules; provide guidance and support to legal, the business units and the vendors.Continuously monitor and learn compliance efforts and how security assessments of various network components of the global infrastructure identify gaps to regulatory and compliance requirements relative to ISO 27001/27002, NIST 800-53, FFIEC, Cloud Security Alliance (CSA) and others that meet current regulatory environments globally.Research, present and execute new and improved methodologies to ensure enhanced process further aligned with increasing volumes and demands.Participate in the roundtable review process for global team members to present due diligence findings – ensuring a consistent and high-quality deliverable for third-party information security vendor risk assessments. Learn how the team members interact and review each other’s work.What we valueThese skills will help you succeed in this roleEngagement in meaningful daily work: You'll take ownership of specific tasks and projects, gaining hands-on experience and building confidence through real contributions.A supportive learning environment: You'll exercise your judgment in a guided setting, with mentorship and supervision to help you grow.Focused skill development: This role is designed to help you deepen your expertise in a specific area.Clear structure and expectations: You'll work within well-defined parameters, giving you the clarity and focus to succeed.Independent contributions: You'll have the opportunity to make an impact through your individual contributions while collaborating with a supportive team.Focus on growth: While there are no people management responsibilities with this role, it is a great stepping stone for future leadership opportunities.A collaborative team culture: You'll build strong working relationships with your peers and supervisor, gaining valuable experience in a professional environment.Education and Preferred Qualifications:Final-year undergraduate or graduate students pursuing degrees in Computer Science or Information Technology with specializations in Network Security, Cloud Security, Data Analytics, Incident Response, or related technical disciplines who are interested in converting to a full-time role post-graduationEnthusiastic about building a long-term career in a dynamic, technology-driven organizationEffective communicators with the ability to collaborate in a team-oriented environmentOpen to feedback and committed to continuous learning and improvementMotivated by real-world problem solving and eager to contribute innovative ideasRegulatory Compliance ManagementCybersecurityRegulatory ReportingCommunicationBusiness WritingInformation SecurityRisk ManagementArtificial IntelligenceAdditional requirementsCloud ComputingData ManagementIncident ManagementNetwork SecurityIncident responseSalary Range:$70,000 - $118,750 AnnualThe range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.For a full overview, visit State StreetAcross the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.Discover more information on jobs at StateStreet.com/careersRead our CEO StatementJob Application Disclosure:It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. #J-18808-Ljbffr STATE STREET CORPORATION