Sr. Manager - Cyber Security (Governance Risk & Compliance)

When you work with the world's most innovative companies, you know you're making a difference.

Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.

They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.

Join us at SVB and be part of bringing our clients' world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.

Sr Manager - Cyber Security GRC

Location: Bangalore

About The Job –

• This is a key role within the Global Enterprise Cyber Security Office (GECSO) Governance, Risk and Compliance (GRC) and Strategy and Program Management functions.
• This individual will be responsible for managing and overseeing cyber personnel in India responsible for augmenting and supporting ECSO GRC / Program Management functions such as for Security Exceptions, Control Testing, Cyber Third-Party vendor oversight and Project / Portfolio Management.
• This position supports the Bank’s Enterprise Cyber Security Governance, Risk and Compliance (GRC) and Strategy and Program Management programs and works closely with key stakeholders within the Enterprise Cyber Security Office (ECSO) and the GECSO as well as external stakeholders such as Information Technology and Risk (Enterprise Risk Management, Operational Risk Management) etc.
• This role requires broad knowledge of cyber security and information technology disciplines, as well as applicable banking laws and regulations. The ideal candidate will have a proven track record and experience with understanding and working with security policies, standards, cyber risk management, security controls, third-party oversight as well as program and portfolio management.  This individual should also have a broad knowledge and understanding of cyber / tech industry best practices and standards. This individual will play a critical role in shaping our bank’s cyber security operational framework, assisting with organizational process definition and documentation, ensuring compliance, risk management, and ongoing collaboration and contribution to the team’s ongoing success. 
• Given the responsibility and high pace of the role, the ideal candidate should have the experience and skills needed to contribute to the continuous evolvement and capabilities enhancements of the department. Being able to “connect the dots” between related teams and workflows will be paramount to achieving success in this role.

Once Here You Will –

• Collaborate with cross-functional teams to review and uphold bank-wide policies and standards to meet regulatory requirements and industry best practices.
• Stay informed about regulatory developments, emerging risks, and best practices in the banking and financial sector.
• Conduct thorough risk assessments to identify potential gaps in existing policies and develop strategies / actions plans for risk mitigation.
• Understanding of the organizations risk taxonomy and how this applies to our overall cyber risk posture and security control structures in place.
• Support the team in India to ensure efficient time management, completion of timely tasks and deliverables and stakeholder collaboration as necessary, associated with security exceptions, control testing, cyber third-party and project / portfolio management
• Engage with internal and external stakeholders to gather input, address concerns, and ensure a comprehensive understanding and adoption cyber policies and standards in coordination with enterprise requirements.
• Aid in the development of training materials and programs to educate bank employees on cyber security requirements including collaboration with Organizational Change Management (OCM) to socialize changes to the enterprise.
• Maintain meticulous documentation, ensuring accessibility and accuracy susceptible to audits, exams and compliance purposes.
• Develop and deliver process documentation, flows, and standards in support of the Strategy and Portfolio Management program to create and maintain operational resiliency. This includes documenting standard processes, creating tailoring criteria and guidelines for the lines of service supported, and developing a centralized Process Control Library.

• Provide consistent communication and escalation of issues to GSO/ECSO Management
• Drive a culture of continuous improvement and efficiency within the Enterprise Cyber Security Office supporting GRC and Program / Portfolio management.
• Display continued growth in leadership and coaching to be a quality contributor and point of contact for all areas of the business in identifying and escalating issues and making sound decisions.
• Provide counsel to the ECSO Management on risk management issues.
• Understand and utilize all Risk Management tools and systems available to support various process and bodies of work.
• Ensure risk issues and corresponding action items are effectively remediated and evidenced.
• Attend all applicable meetings and forums as necessary.
   

What You Will Bring:

• Solid understanding of Enterprise Strategy, Cyber GRC, Cyber TPRM as well as Program / Portfolio Management.
• Ability to think strategically and implement change initiatives as it relates to applicable programs
• Ability to approach the management if issues tactically and strategically, identifying and implementing efficiencies and process improvements
• 1st LOD and / or 2nd LOD knowledge, understanding and/or experience in risk and issue management within a large financial institution
• Methodical and proactive thinker with strong organizational and follow-up skills
• Proven time and task management skills with the ability to multitask effectively and promptly
• Strong analytical ability
• Ability to manage projects with minimal guidance
• Knowledge in cybersecurity frameworks: NIST 800-53, NIST-CSF
• Strong analytical skills, with the ability to assess complex information and make informed decisions.
• Excellent written and verbal communication skills, with the ability to draft clear and concise policies and effectively communicate changes to diverse stakeholders.
• Demonstrated ability to collaborate effectively with cross-functional teams and communicate complex concepts to non-technical audiences.
• Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, etc.)
• Attention to detail, strong organizational skills, and the ability to manage multiple tasks in a fast-paced environment.
• Integrity, ethics, and a commitment to upholding the highest standards of professionalism and compliance.
• Understands team dynamics and promotes the development of team relationships
• Demonstrated ability to quickly build trust and relationships, manage matrixed teams, bridge communication gaps, resolve conflicts, and influence stakeholders at all levels (including executives)
• Ability to independently manage complex tasks and projects, while demonstrating urgency, prioritization, and ownership to drive completion
• Polished diplomacy, active listening, persuasiveness, and presentation skills to communicate new products or changes and gain buy-in, consensus, and cooperation in the face of conflicting viewpoints, resistance to change, constraints, etc.
• Strong business acumen in financial services or related industry, and a proven ability to balance strategic thinking with practical implementation skills.
• Excellent project management skills and the ability to motivate teams and drive performance
• High energy and proven track record of accomplishments and results
• Strong interpersonal skills, with evidence of working in collaboration across large, complex organizations, including effective influencing skills, a proactive and 'no surprises' approach in communicating issues/requests
• Broad knowledge of applicable laws, rules, regulations, supervisory guidance, and expectations for large financial institutions (LFIs)
• Experience with compliance processes such as security exceptions third-party due diligence, risk assessments, and monitoring and testing of controls
• Prior experience with risk and compliance areas

Qualifications:

• Bachelor’s Degree Emergency Services, Cyber Security, Information Technology, or other equivalents. BE/B.Tech/MCA with relevant team and project management experience may also be considered.
• Overall 12-16 years of experience including significant people management responsibility
• Experience with a global professional services firm or working with virtual teams will be an advantage

• 12+ years of experience supporting risk and / or compliance related activities preferably in the financial services industry and / or consulting experience advising financial institutions on the implementation of effective issue management
• 10+ years in IT Issue Management, audit, or compliance role with experience in IT driven issue identification, testing, or management

Preferred Certifications:

• Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
• Certified Information System Security Professional (CISSP), Certified Internal Auditor (CIA)

© 2023 SVB Financial Group. All rights reserved. SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license. Silicon Valley Bank is a member of the FDIC and the Federal Reserve System. Silicon Valley Bank is the California bank subsidiary of SVB Financial Group.

Equal Employment Opportunity

Silicon Valley Bank is an equal opportunity employer and is dedicated to expanding its commitments and investments to create a more diverse, equitable and inclusive company culture and innovation ecosystem. We are strongly committed to the values and policy of equal employment opportunity across our employment practices.