Department Security Officer Job Listing at SS&C Technologies in CT (Job ID R27375)

Description

SS&C is a global provider of investment and financial services and software for the financial services and healthcare industries. Named to Fortune 1000 list as top U.S. company based on revenue, SS&C is headquartered in Windsor, Connecticut and has 20,000+ employees in over 90 offices in 35 countries. Some 18,000 financial services and healthcare organizations, from the world's largest institutions to local firms, manage and account for their investments using SS&C's products and services.

Job Description

SS&C Global Security and our Cyber Defense Operations Center is at the beating heart of our culture. We've made it our priority to create a top-tier security culture.  We have oriented our team of security professionals to defend and respond to cyber threat across the world. We're looking for those of you who are inherently driven and fascinated by finding and solving tough problems.  You will be armed with the best tools, tech, colleagues, and training so that you can deliver high quality results.

Department Security Manager (Business Security Officer)

Overview: This role will play a critical role in bridging the gap between business unit products, operations, and security solution technologies, ensuring the organization's information assets are adequately protected. It requires deep knowledge in application and product security, strong communication skills for senior executive-level escalations, and the ability to align security initiatives with the broader business objectives.

Key Responsibilities:

• Strategic Leadership:
  • Develop and implement a comprehensive security strategy aligned with business goals.
  • Serve as the primary liaison between business units and the security team, ensuring seamless communication and collaboration.
• Application and Product Security:
  • Oversee the security of applications and products from design through deployment, ensuring robust security measures are integrated at each stage.
  • Conduct regular security assessments and audits to identify and mitigate risks in application and product development.
• Senior Executive Engagement:
  • Facilitate well-structured and effective escalations to senior executives, providing clear and concise communication on security incidents and risks.
  • Prepare and present security reports, metrics, and updates to the executive leadership team, ensuring they are informed of the security posture and any necessary actions.
• Risk Management and Compliance:
  • Identify, assess, and manage security risks across the organization, implementing appropriate controls and measures.
  • Ensure compliance with relevant security policies, standards, regulations, and industry best practices.
• Incident Response:
  • Lead the response to security incidents, coordinating efforts across teams and ensuring timely and effective resolution.
  • Develop and maintain incident response plans, ensuring they are up-to-date and tested regularly.
• Customer and Client Due Diligence:
  • Conduct due diligence on customers and clients to assess and manage security risks associated with business relationships.
  • Ensure security requirements are met in client engagements and contracts, maintaining the integrity of the organization's security posture.
• Technology Integration and Innovation:
  • Drive the adoption of advanced security technologies and practices, ensuring they are effectively integrated into the organization's infrastructure.
  • Collaborate with IT and development teams to incorporate security into the design and implementation of new technologies and systems.

Required Qualifications:

• Experience:
  • Minimum 10 years of experience in information security, with at least 5 years in a leadership role.
  • Proven track record in application and product security, including secure coding practices and security architecture.
• Skills:
  • Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST, SOC 2).
  • Excellent communication and presentation skills, with the ability to engage effectively with senior executives.
  • Demonstrated ability to manage and resolve security incidents, including forensic analysis and root cause identification.
  • Experience with risk management and compliance in a corporate environment.
• Education and Certifications:
  • Bachelor's degree in information security, Computer Science, or a related field.
  • Relevant certifications such as CISSP, CISM, or CISA.

Desired Qualifications:

• Experience in the financial services industry or other highly regulated sectors.
• Advanced degrees (e.g., Master's or PhD) in Information Security or related disciplines.
• Proficiency in cloud security and familiarity with platforms such as AWS, Azure, or Google Cloud.
• Knowledge of emerging security technologies and trends, such as AI/ML in security, zero trust architecture, and DevSecOps practices.

Personal Attributes:

• Strategic thinker with a proactive approach to problem-solving.
• Strong leadership and team-building skills, with the ability to inspire and motivate staff.
• High level of integrity and professionalism, with a commitment to maintaining confidentiality and ethical standards.

Unless explicitly requested or approached by SS&C Technologies, Inc. or any of its affiliated companies, the company will not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. SS&C offers excellent benefits including health, dental, 401k plan, tuition and professional development reimbursement plan. SS&C Technologies is an Equal Employment Opportunity employer and does not discriminate against any applicant for employment or employee on the basis of race, color, religious creed, gender, age, marital status, sexual orientation, national origin, disability, veteran status or any other classification protected by applicable discrimination laws.