Cyber & Technology Resiliency, Vice President

The Vice President, Cyber & Technology Resiliency is responsible for advancing the firm’s global technology and cyber resilience capabilities across critical platforms, infrastructure and digital services supporting asset servicing, custody and investment management operations.

The role will help define and mature the Cyber & Technology Resiliency function, establishing strong collaboration across Global Technology Services (GTS), Global Cyber Security (GCS) and the Enterprise Resilience Office (ERO) to ensure the organisation can prevent, withstand, respond to and recover from technology or cyber disruptions affecting Important Business Services (IBS).

The individual will play a key role in strengthening resilience governance, embedding risk management disciplines, and improving transparency through meaningful metrics and reporting to senior leadership and regulators.

Key Responsibilities

1. Cyber & Technology Resilience Strategy

• Support the design and maturation of the firm’s Cyber and Technology Resilience framework, aligned with enterprise operational resilience strategy.

• Define standards and methodologies for resilience across:

• infrastructure

• applications

• cyber defence capabilities

• cloud and data platforms

• Ensure alignment with global regulatory expectations and industry frameworks.

• Contribute to the strategic roadmap for resilience maturity across technology domains.

2. Cross-Functional Integration (GTS, GCS, ERO)

• Act as a key integration point between:

• Global Technology Services (technology infrastructure & engineering)

• Global Cyber Security (cyber defence, threat monitoring)

• Enterprise Resilience Office (IBS mapping, impact tolerances and scenario testing)

• Strengthen operating model alignment to ensure technology and cyber capabilities directly support Important Business Services resilience outcomes.

• Facilitate cross-functional working groups and governance forums to address systemic risks and resilience gaps.

3. Technology & Cyber Risk Management

• Identify, assess and track technology resilience risks impacting critical services and platforms.

• Support the development of risk mitigation strategies, including:

• cyber attack scenarios

• technology failure scenarios

• cloud service disruptions

• systemic vendor dependencies.

• Work with technology and cyber teams to embed resilience considerations in architecture, engineering and change management processes.

• Provide challenge and independent oversight of remediation plans

4. Scenario Testing & Crisis Preparedness

• Support design and execution of technology and cyber resilience scenario testing aligned to operational resilience frameworks.

• Develop severe-but-plausible scenarios covering:

• ransomware

• cyber-induced data integrity events

• cloud provider failure

• infrastructure outage

• Partner with crisis management and cyber incident response teams to ensure testing outcomes drive measurable improvements.

5. Resilience Metrics, MI and Reporting

• Develop and maintain resilience performance metrics covering cyber and technology capabilities.

• Produce executive-level reporting for:

• senior technology leadership

• enterprise risk committees

• regulators

• Enhance the firm’s resilience reporting framework to provide clear insights into:

• capability maturity

• systemic technology risks

• remediation progress.

6. Function Development

• Help shape and establish the Cyber & Technology Resilience capability within the Enterprise Resilience organisation.

• Define operating models, governance processes and roles across global teams.

• Promote best practices across regions and business units.

• Contribute to thought leadership on resilience within the organisation.

Key Deliverables

• Technology resilience maturity roadmap

• Integrated GTS / GCS / ERO operating model

• Cyber and technology scenario testing programme

• Global resilience risk register for technology

• Executive reporting dashboards on resilience capability

• Regulatory-ready documentation and evidence.

Stakeholder Engagement

Internal

• Global Technology Services leadership

• Global Cyber Security leadership

• Enterprise Resilience Office

• Technology Risk Management

• Business service owners

• Crisis management teams

External

• Regulators

• Industry working groups

• Strategic technology partners and cloud providers

Skills & Experience

Essential

• Experience in technology resilience, cyber resilience, technology risk or operational resilience within financial services.

• Strong knowledge of technology operating environments supporting asset management and custody businesses.

• Familiarity with regulatory frameworks including:

• UK Operational Resilience

• DORA

• US regulatory expectations on resilience.

• Ability to translate complex technical risks into executive-level insights.

• Experience working across technology, cyber security and risk functions.

Desirable

• Background in technology infrastructure, cyber security or enterprise architecture.

• Experience supporting regulatory reviews or supervisory engagements.

• Knowledge of cloud resilience architectures and third-party risk.

Leadership Behaviours

• Enterprise mindset with strong cross-functional collaboration.

• Analytical and structured problem solving.

• Ability to influence senior technology and risk stakeholders.

• Clear communicator capable of simplifying complex resilience topics.

Success Measures

Short Term (12 months)

• Establish strong working model across GTS, GCS and ERO.

• Deliver enhanced technology resilience reporting and metrics.

• Identify and prioritise key technology resilience risks.

Medium Term (2–3 years)

• Demonstrate measurable improvements in cyber and technology resilience maturity.

• Embed resilience considerations into technology lifecycle and architecture.

• Deliver robust technology-focused resilience scenario testing.

Long Term

• Establish the organisation as a leader in technology and cyber resilience within the asset servicing sector.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers

Read our CEO Statement