BNY · 11 hours ago
Director, Cyber Policy Modernization & Controls
New York, NY
Full-time
Onsite
Senior Level, Lead/Staff
$116K/yr - $246K/yrBNY is a leading global financial services company that influences nearly 20% of the world’s investible assets. The Director, Cyber Policy Modernization & Controls is responsible for leading the execution of the Cyber Policy Modernization project and ensuring the organization transitions to a robust cyber controls environment.
Financial Services
Responsibilities
Lead the end-to-end execution of the Cyber Policy Modernization project, including policy catalogue refresh, control statement standardization, and alignment with industry best practices and regulatory requirements
Establish and chair the Cybersecurity Policy Steering Committee for governance, oversight, and decision-making throughout the modernization lifecycle
Collaborate with process owners, subject matter experts, and engineering controls teams to identify gaps, baseline existing controls, and implement AI-driven tools for gap analysis and modernization
Oversee the development and mapping of control objectives, control statements, and risk statements to ensure clarity, consistency, and traceability
Drive the integration of continuous control monitoring, metrics, and reporting into the policy lifecycle
Ensure successful transition from project phase to BAU, embedding scalable assurance mechanisms and eliminating redundancies
Own and continuously improve the cyber controls framework, maintaining alignment with evolving regulatory, industry, and threat-driven requirements
Lead the ongoing governance, refresh, and publication of cybersecurity policies, standards, and procedures according to the established schedule
Maintain and enhance the Controls Inventory Master and ensure integration with the Controls Hub and enterprise controls taxonomy
Monitor control effectiveness, drive remediation of control gaps, and optimize resource allocation for operational resilience and cost efficiency
Oversee the implementation of measurable, business-focused metrics and dashboards for real-time risk and control management
Foster a culture of continuous improvement, stakeholder engagement, and cross-functional alignment across engineering, risk, and business units
Serve as the primary liaison between cybersecurity, engineering controls, enterprise controls, and business stakeholders
Advocate for policy outcomes, monitor implementation, and ensure transparency through regular reporting and communication
Coordinate with audit, regulatory, and risk management teams to ensure defensible, scalable, and compliant security posture
Qualification
Required
Proven experience in cybersecurity policy management, controls modernization, and regulatory alignment (preferably with CRI, NIST, ISO frameworks)
Demonstrated leadership in cross-functional project delivery and BAU operations within a complex enterprise environment
Strong understanding of engineering controls, enterprise controls taxonomy, and control inventory management
Excellent communication, stakeholder management, and governance skills
Preferred
Experience with AI-driven tools for control gap analysis and policy modernization is a plus
Benefits
Highly competitive compensation
Benefits
Wellbeing programs
Flexible global resources
Generous paid leaves
Paid volunteer time
Commission earnings
Discretionary bonuses
Short and long-term incentive packages
Company-sponsored benefit programs
Company
BNY
We help make money work for the world — managing it, moving it and keeping it safe.
Founded in 1784
10001+ employees
Funding
Current Stage
Late StageLeadership Team
Brian A. Ruane
CEO Government Securities Services & Global Client Management
Chris Kearns
CEO, Depositary Receipts
Recent News
PR Newswire
2024-11-01
Company data provided by crunchbase