Director, Cyber Policy Modernization & Controls at BNY

New York, New York, United States -

Full Time

Start Date

Immediate

Expiry Date

16 Apr, 26

Salary

0.0

Posted On

16 Jan, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity Policy Management, Controls Modernization, Regulatory Alignment, Cross-Functional Project Delivery, Engineering Controls, Control Inventory Management, AI-Driven Tools, Stakeholder Engagement, Continuous Improvement, Governance, Metrics, Risk Management, Operational Resilience, Cost Efficiency, Control Effectiveness, Policy Lifecycle

Industry

Financial Services

Description

Lead the end-to-end execution of the Cyber Policy Modernization project, including policy catalogue refresh, control statement standardization, and alignment with industry best practices and regulatory requirements. Establish and chair the Cybersecurity Policy Steering Committee for governance, oversight, and decision-making throughout the modernization lifecycle. Collaborate with process owners, subject matter experts, and engineering controls teams to identify gaps, baseline existing controls, and implement AI-driven tools for gap analysis and modernization. Oversee the development and mapping of control objectives, control statements, and risk statements to ensure clarity, consistency, and traceability. Drive the integration of continuous control monitoring, metrics, and reporting into the policy lifecycle. Ensure successful transition from project phase to BAU, embedding scalable assurance mechanisms and eliminating redundancies. Own and continuously improve the cyber controls framework, maintaining alignment with evolving regulatory, industry, and threat-driven requirements. Lead the ongoing governance, refresh, and publication of cybersecurity policies, standards, and procedures according to the established schedule. Maintain and enhance the Controls Inventory Master and ensure integration with the Controls Hub and enterprise controls taxonomy. Monitor control effectiveness, drive remediation of control gaps, and optimize resource allocation for operational resilience and cost efficiency. Oversee the implementation of measurable, business-focused metrics and dashboards for real-time risk and control management. Foster a culture of continuous improvement, stakeholder engagement, and cross-functional alignment across engineering, risk, and business units. Proven experience in cybersecurity policy management, controls modernization, and regulatory alignment (preferably with CRI, NIST, ISO frameworks). Demonstrated leadership in cross-functional project delivery and BAU operations within a complex enterprise environment. Strong understanding of engineering controls, enterprise controls taxonomy, and control inventory management. Experience with AI-driven tools for control gap analysis and policy modernization is a plus. Excellent communication, stakeholder management, and governance skills. Coordinate with audit, regulatory, and risk management teams to ensure defensible, scalable, and compliant security posture.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

Lead the execution of the Cyber Policy Modernization project, ensuring alignment with industry best practices and regulatory requirements. Oversee the development of control objectives and drive the integration of continuous control monitoring into the policy lifecycle.