Cyber Shared Services Manager

The Cyber Shared Services Manager will oversee the development and implementation of program and practices related to cyber security shared services. The Cyber Shared Services Manager is responsible for coordinating with each information security domain owner to roll out security services and coordinate with each group company to agree on the level of service.

The anticipated salary range for this role is between $217,000 and $253,000. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.

Develop, implement, and manage the overall cyber security shared service catalog in coordination with the domain owners (e.g., identity access management, systems engineering, security operations). Coordinate with domain owners to prioritize their security shared service roll out and adoption by group companies
• Act as the global central point of contact for all cyber security shared services for each group company, cyber security, and across the three lines of defense. Coordinate with group companies to define formal service level agreements and monitor adherence
• Development of a plan after determining which metrics should be rolled out first in coordination with domain owners. Define, review, and update thresholds, SLAs as needed.
• Oversee the implementation of security self-service center (e.g., ticketing system)
• Operationalize metrics and reporting to track and monitor the level of service and drive towards automation
• Understand issues with shared service delivery and coordinate to resolve in efforts to maintain appropriate level of service
• Drive to operationalize shared services and regularly report to management (e.g., CISO) on progress

• A college degree (BS/MS)
• Combined 15+ years' experience across information security (IS), IT / IS operations, and IT / IS service delivery. Strong understanding of cyber security capabilities and operating in an environment which delivers cyber security as a service.
• Strong understanding of Banking & Securities processes and ability to translate cyber security risks into business implications
• Right perspective, i.e., finds the right balance between business needs, innovation and cyber security requirements.
• Ability to interface with top management as well as the diverse cultures of domestic and international
• Excellent communication skills, writing and public speaking
• Strong understanding of cyber security practices in Banking
• Experience with IT Service Management technology and metrics & reporting including knowledge of ServiceNow, Tableau, or similar types of ticketing and reporting technology
• Knowledge of information security tools / processes including identity governance & administration (e.g., AzureAD Identity Governance), privileged access management (e.g., CyberArk), Vulnerability Management etc.