• SVP, Technology and Cybersecurity Risk Management - Bank Policy Institute #2018-2366

    Location US-DC-Washington, D.C.
    Job ID
  • Overview

    SVP, Technology and Cybersecurity Risk Management - BPI


    Cybersecurity has never been more important. With each passing day, more of the systems that provide us with food, water, shelter, financial services, energy and communication are digitized. Private sector operators of these critical infrastructure systems are the front lines of defense, so public sector leaders do what they can: regulate…but often in a fragmented manner. In the United States alone, the federal regulatory agencies reported 43 separate and distinct cyber supervisory expectations applicable to the financial services sector. This volume of regulatory activity can be counterproductive because when private sector firms are required to focus up to 40% of their cyber professionals’ time on compliance related activities, they have less time to protect systems.


    You can do something about that.


    We have worked at the intersection of business, technology, innovation and cybersecurity for over 22 years, sharing information across the financial industry, collaborating with government and regulatory partners, and acting as a compelling voice in Washington on operational, regulatory and policy issues. The Bank Policy Institute (BPI) is a nonpartisan public policy, research, and advocacy group that represents the nation’s leading banks. Collectively our members serve as an engine for financial innovation and economic growth, employing nearly 2 million Americans, making 72% of all loans and nearly half of the nation’s small business loans. Our technology policy division (BITS) promotes safety and soundness in the technology and infrastructure of the financial services system.


    Led by C-Suite executives including CEOs, CIOs, CISOs, CROs, and other senior leaders, we bring our members together with regulators, government agencies, and technology firms. Our executive forums advance collaboration in the regulatory and risk environment, address current and emerging policy issues, improve effectiveness of technology programs, promote critical infrastructure resilience, and strengthen cybersecurity and reduce fraud. Our work is vitally important to leaders across the financial services industry including banks, insurance firms, asset managers, card companies, financial market utilities, and trade associations. Our real-world expertise enables our members to identify and manage risk, with a particular focus on cybersecurity, fraud reduction, critical infrastructure protection, data protection, and emerging technology. You can read more about our work here.


    Reporting directly to the President of BITS, you will join a talented team of information technology, risk, and regulatory experts. In this high visibility role, you will serve as a thought partner, working with operating executives at member firms and public sector leaders in developing a forward looking, harmonized, standardized cybersecurity strategy. You will have frequent external interaction as you educate, gather input from, and formulate a consensus led point of view that represents the entire financial services sector (as well as other vital elements of our nation’s infrastructure including telecommunications and energy). You will take the lead in convening meetings, hosting regional conferences, and developing trusted partnerships.


    Additionally, you will collaborate with your colleagues to support our work in fraud reduction, regulatory technology, risk management, and innovation. Beyond your significant portfolio of work in cybersecurity, you will also be instrumental in helping to develop policy priorities in areas including cyber orchestration, dev/sec/ops, security standards, third-party risk management, data privacy, and critical infrastructure resilience.


    BITS Program and Policy Priorities

    Our team’s current policy portfolio includes:

    • Cybersecurity Regulatory Harmonization: Future regulatory issuances harmonized around a common organizational structure and taxonomy.
    • Critical Infrastructure Protection: Government and Industry coordination of the most mature “lifeline” sectors – Financial Services, Telecommunications, and Electricity – seeking a coordinated, cross-sector operational collaboration architecture for both physical and cyber incidents.
    • Cloud Security: Develop use cases for Cloud Access Security Brokers that further develop Third Party Risk Management capabilities with the most advanced technologies.
    • Data and Privacy: Help financial firms mature their use of Big Data and analytics and navigate the shifting public policy landscape around data use and privacy. 
    • Cyber Board Governance: Help firms improve cybersecurity risk management discussions between the C-suite and the Board of Directors.
    • Authentication and Synthetic Fraud via SSN: Social Security Administration to Provide Near Real-Time Verification of SSN to combat fraud (synthetic or otherwise).
    • Innovation and Emerging Technology: Our FinTech Ideas series includes Policy Summits and in early 2019, we will be hosting our semi-annual FinTech Ideas Festival, bringing together CEOs from financial services and technology to discuss innovation. 


    Key Competencies and Requirements of the SVP, Technology and Cybersecurity Risk Management

    We believe your success in the role will require:

    • A deep understanding of the Cybersecurity and/or IT Security landscape, with 15 plus years as a practitioner in progressively senior leadership positions. Experience developing programs, operating policy, implementing and operating platforms, governance and/or IT security processes. The ability to develop, advocate for, and codify strategic direction at the executive level.
    • The ability to synthesize technical concepts into practical terms for a wide audience including CEOs, CIOs, CISOs, regulators, congressional leaders and policy/legal constituents. Experience conducting research to articulate a well-formed point of view on key issues.
    • The business acumen to be able to identify business needs, evaluate emerging technology trends, determine policy implications, and advance potential solutions in cyber protection, infrastructure, and consumer safety while helping member firms balance the risks, costs, and benefits of implementing new solutions.
    • The ability to lead collaborative projects with external volunteer stakeholders, developing programs, communicating project status, and driving results.
    • Prior experience working with public sector leaders in a regulated environment, ideally in financial services, or with background in telecommunications, energy, or another regulated environment.
    • An undergraduate College/University Degree. Master’s degree, PhD or relevant certifications are a plus.


    Ideal Attributes of the SVP, Technology and Cybersecurity Risk Management

    • Accountable. You earn trust by your actions and faithfully keep your promises.
    • Collaborative. You demonstrate the ability to understand the needs of various stakeholders. You are able to confidently engage with people at all career levels to define needs and expectations. You collaborate on projects and communicate results.
    • Detail Oriented. You get it right the first time and produce polished, professional work.
    • Great Communicator. You are articulate. You have concise, accurate, effective written and verbal communication skills.
    • Team Player. You thrive in a team environment yet work well independently. You carry your weight in the team, learning from others and contributing in equal measure.
    • Curious. You like learning new things and collecting and sharing information. You ask questions, listen, and learn. 
    • Project Manager. You can juggle multiple tasks, allocate and optimize resources, and manage timelines.


    What’s Attractive to the Right SVP, Technology and Cybersecurity Risk Management Candidate?

    • Leverage: Your work has the potential to strengthen security for the entire nation’s infrastructure. You will be working to solve problems at the highest levels.
    • Visibility: In this high profile role, you will develop an elite network of contacts across multiple industries in the public and private sector, which can be a springboard to even greater opportunities at the highest levels of consulting, government, or the private sector.
    • Impact: You will have the opportunity to help shape cybersecurity policy, and have an unparalleled vantage point on current global economic events.
    • Balance: You will also enjoy a remarkable quality of life, with only moderate travel and the occasional need to work on weekends.
    • Benefits: We offer competitive benefits including medical, dental & vision insurance, flexible spending account, life and disability insurances, employer matched 401(k) and supplemental retirement plans, and transportation benefits.


    To Apply for the SVP, Technology and Cybersecurity Risk Management position:

    Please share your resume by using the "Apply" button on this page. 


    Alternative Titles:  Technology Risk Management, Managing Director of Security, Principal Director, Global Cyber Defense Lead, IT Risk Advisory and Cybersecurity, Cyber Risk Services, Cybersecurity and Privacy Leader, AVP or Vice President of Cybersecurity and Policy, Global Cyber Public Policy, Director of Cyber Security Strategy


    Staffing Advisors has been engaged to find the right candidate and is committed to helping create a diverse work environment for our client. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other basis protected by law. This position may require pre-employment screening potentially including a criminal background check, verification of academic credentials, licenses, certifications, and/or verification of work history.



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed