This role is located in New York City and will require a hybrid work schedule of at least 2 days in office per week.

This role is for Vice President level candidates. 

About the Bank:

Sumitomo Mitsui Trust Bank, Limited was established through the merger of The Sumitomo Trust and Banking Co., Ltd with Chuo Mitsui Trust and Banking, Ltd. on April 1, 2012. We are one of the largest asset managers in Asia and number one among Japanese financial institutions by AUM, with approximately $850 Billion USD in AUM. The Bank provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches.

Department Overview: 

The Americas Division (“AD”) was established in the Sumitomo Mitsui Trust Bank, Limited, New York Branch) (“SMTBNY”) to perform corporate functions and supervise U.S. entities. Established under the AD are the “Global Banking Unit (“GBU”), Americas Division” and “Global Markets Unit (“GMU”), Americas Division” which performs business functions. Information Risk Governance (“IRG”) provides oversight to information and cyber security risk by maintaining and improving branch wide framework that is in-line with the Head Office and regulatory requirements and addresses Confidentiality, Integrity, and Availability for information assets. IRG establishes appropriate policies, procedures, measurement, and monitoring processes to proactively assess and evaluate cyber security and information security risks inherent in the Branch Operations. IRG is directly involved in all information and cyber security related projects, matters, and issues. 

Your Role Overview:

To assist the Head of the Department with the day-to-day management and operation of the department. To assume the role of Information Security Officer and take the lead on overseeing the timely completion of the department’s critical risk management projects. To provide direct assistance to the Head of the Department with regards to accomplishing the department’s goals and objectives. To manage, guide and mentor other staff members with the preparation and completion of their assigned tasks. To contribute significantly to the overall success of the department in all key risk management and cyber security areas.

Directly oversee completion of all critical projects, assist the HOD with implementing desired operational strategies and procedures. Recommend ways to improve efficiency, effectiveness, and productivity. Focus on proactive day-to-day operations. As ISO, assist with overseeing all information and cyber security matters.

Your Duties and Responsibilities:

1. Maintain and improve the information risk framework with guidance from HOD, address regulatory requirements, residual information risks specific to NY Branch Operations.  
2. Provide Information Security subject-matter-expertise to senior management. 
3. Work with IRT and coordinate incident responses to cyber security events.
4. Keep abreast of industry wide information risk issues that could potentially have an impact on Branch Operations.  
5. Establish processes for communicating data classification guidelines and its governance. 
6. Oversee employee information security awareness training.
7. Assesses and evaluates critical risk management projects:
   1. Annual Risk Assessment. 
   2. Semi-annual Vulnerability Assessments. 
   3. Special Risk Assessments done for a Particular Purpose
   4. Trend analysis of key risk management concepts and principles
8. Attend the ISSRM and Branch Risk Management related meetings. 
9. Performs key information risk governance related tasks as described below:
   1. Provides User Access Control Governance.
   2. Monitors, analyzes and follows-up on Information Risk events/issues.
   3. Reviews information risk and proactively advises as necessary on: IT Projects/Issues Management process, Change Management Process, significant changes to IT procedures, IT Asset Management Report, key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, any related audit findings, etc.
   4. Establish and maintain Information Risk Key Risk Indicators (KRI).
   5. Periodically updates IT resources on Information risk related practices.
   6. Manages all information and cyber security policy and procedures manuals.
10. Assist with the management of all matters related to Information Security and Information Risk Management, including directing appropriate Information/Applications Risk Assessments. 

Your Qualifications:

1. Certification in Information Security (CISSP) required.
2. 8 years of Information Security related experience, IT Audit experience, preferred.
3. Knowledge of Information Security principles, terminologies, and technologies required. 
4. Knowledge of Information Risk Management framework and principles required. 
5. Ability to analyze and design information security monitoring procedures and activities preferred.
6. Detailed Knowledge and expertise in Technology Risk Assessments and Risk Analysis required.
7. Excellent written and verbal communication skills, required.
8. Good computer skills in Microsoft Office Excel and Word required.
9. Strong project management and people management skills. preferred

Why you should join SuMi Trust:

SuMi Trust embraces flexible ways of working when the business and role permits. We provide employees with a hybrid working model, allowing for in-office work and work from home. Our diverse and inclusive environment along with our global presence enables us to collaborate and communicate to meet our business needs. We believe that efficient teams need truth, loyalty, and a strong sense of purpose to balance risk and their targets. We make sustainable business decisions to improve our society and the world. We believe that each person brings a unique value that drives the business though their creativity and passion.

• The Employee Benefits package includes: Paid Time Off, medical, HSA, vision, dental, FSA, 401(k), profit sharing, legal plan, cancer indemnity plan, disability insurance, life insurance, employee assistance program, commuter benefits, business travel accident, paid volunteer day, paid memberships, paid seminars, and tuition assistance.

• We offer many socialization opportunities for wellness, financial wellbeing, runs/walks, team building, happy hours, and activities to support the Sustainable Developmental Goals.

Check out our LinkedIn for our employee experience: https://www.linkedin.com/company/smtbny

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SuMi Trust provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application