Head of Enterprise Incident Management

Overview

On Site
USD 160,000.00 - 215,000.00 per year
Full Time

Skills

Enterprise Information Management
Accountability
Data Security
Data Governance
Information Security Management
ISM
Visualforce
Customer Service
ROOT
Reporting
Fraud
Regulatory Compliance
Storage
RPO
Failover
Recovery
Cyber Security
Training
Customer Communications
Due Diligence
Management
Social Engineering
KPI
Internal Auditing
Auditing
Information Security
Disaster Recovery
Incident Management
ISO 9000
Distributed File System
Business Continuity Planning
Leadership
Strategic Planning
Analytical Skill
Communication
Microsoft PowerPoint
Microsoft Excel
Health Care
Professional Development
Financial Services
Customer Relationship Management (CRM)
System Integration Testing
Pick
Innovation
Partnership
Collaboration
Mentorship
Sustainability
Law

Job Details

At BBH, Partnership is more than a form of ownership-it's our approach to business and relationships. We know that supporting your professional and personal goals is the best way to help our clients and advance our business. We take that responsibility seriously. With a 200-year legacy and a shared passion for what's next, this is the right place to build a fulfilling career.

Background: The Enterprise Incident Management ("EIM") team is a team within the Protect Pillar in Systems. The Protect Pillar is a unique BBH-construct designed for clear, centralized and coordinated accountability: to protect against physical and logical security risks; to safeguard stakeholder assets; and to detect, prepare for, and respond effectively to security events. To that end, the Protect Pillar encompasses the following areas:
  • Cybersecurity;
  • Enterprise Data Protection and Data Governance;
  • Enterprise Incident Management;
  • Global Security; and
  • Information Security Management ("ISM").

Given that technology is an integral component of the Pillar's control measures and a key asset to safeguard, the Protect Pillar sits within BBH's Systems organization.

Role: Reporting to the Head of the Protect Pillar, this role serves as the head of the Enterprise Incident Management and is responsible for:
  • Strategic oversight and operational execution of the Firm's response to cyber and business continuity events
  • Serving as the escalation point for cyber and BCP events, managing communications (internally and externally), coordinating containment, eradication and recovery activities across the Firm, including across technical teams (e.g., Cyber, Infrastructure, Storage), business teams (e.g., Relationship Managers and Client Service Groups) and Risk/Compliance teams
  • Enhancing the cyber incident response program, including enhancing reviews of third-party cyber breaches to assess root cause and apply any lessons learned to the BBH cyber environment, documenting and reporting on such reviews. Liaising with various groups within the Firm, including cyber, anti-fraud, Compliance and Risk
  • Evaluating and enhancing the Firm's business continuity and disaster recovery ("BCDR") protocols, including operational resiliency plans, business impact assessments ("BIA") and BCP plans. Partnering with Back-up, Storage and Systems teams to refine recovery time objectives (RTO) and recovery point objectives (RPO).
  • Leading enterprise-wide recovery exercises, including tabletop exercises, systems recovery / full failover simulations and other technical recovery efforts
  • Staying abreast of latest cybersecurity threats and trends and proactively training relevant groups accordingly; enhancing the annual training on BCP program
  • Serving as an escalation point for client communications on cyber or BCP events, and internal FW communications on BCP events
  • Responding to client DDQs and participating in client due diligence meetings re: the Firm's BCDR program
  • Overseeing / enhancing the execution of the Firm's social engineering program, which is designed to raise awareness of social engineering risks; analyzing trends and simulation outcomes to drive employee awareness and behavior changes and modify the program accordingly
  • Defining key metrics and KPIs to measure the maturity and effectiveness of incident management, BCP and phishing programs
  • Serving as the primary point of contact with Internal Audit in connection with the Firms' BCDR program as well as external audits and client engagements

Qualifications:
  • Minimum 10+ years of experience in information security or business continuity / disaster recovery role, preferably within financial services
  • Strong understanding of cyber incident response frameworks (e.g., NIST, ISO), DFS Part 500 regulations, BCP/DR best practices and industry practices
  • Executive communication and crisis leadership
  • Strategic planning and execution
  • Excellent analytical and communication skills
  • Strong PowerPoint and Excel skills

Other :
  • Location: NJ
  • Type: Full Time
  • Hybrid role - 3 days in the office required

Salary Range

$160,000 - $215,000

BBH's compensation program includes base salary, discretionary bonuses, and profit-sharing. The anticipated base salary range(s) shown above are only for the indicated location(s) and may differ in other locations due to cost of living and labor considerations. Base salaries may vary based on factors such as skill, experience and qualification for the role. BBH's total rewards package recognizes your contributions with more than just a paycheck-providing you with benefits that enhance your experience at BBH from long-term savings, healthcare, and income protection to professional development opportunities and time off, our programs support your overall well-being.

We value diverse experiences. We value diverse experiences and transferrable skillsets. If your career hasn't followed a traditional path, includes alternative experiences, or doesn't meet every qualification or skill listed in the job description, please do go ahead and apply.

About BBH:

Brown Brothers Harriman (BBH) is a premier global financial services firm, known for premium service, specialist expertise, technology solutions and partnership approach to client management. Across Investor Services and Capital Partners, we work with an enviable roster of sophisticated clients who make BBH their first call when they are tackling their hardest challenges. Delivering for our clients and each other energizes us.

We believe that how we do our work is just as important as what we do. We are relentless problem solvers who know our best ideas come from collective debate and development-so we are never possessive about our ideas. Every day we come together as a diverse community of smart and caring people to deliver exceptional service and expert advice-creating success that lasts. No matter where you sit in the organization, everyone is empowered to contribute their ideas. BBHers can pick up the phone and call any colleague, and they are happy to help. Expanding your impact beyond your daily role is part of how we operate as trusted partners to one another.

We believe stability is a competitive advantage, but being stable means having the knowledge, skill, and discipline to evolve, often-pushing the boundaries of innovation. As a private partnership, every investment we make is in the relationships, technologies, products and development we believe are in the long-term interests of our clients and our people. Our long-tenured leaders are experts in their areas and are actively involved in the day-to day business, taking the time to provide guidance and mentoring to build the next generation of BBHers. Because we know, our success begins with yours.

Go to BBH.com to learn more about our rewards and benefits, philanthropy, approach to sustainability or how we support you to thrive personally, physically and financially.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, genetic information, creed, marital status, sexual orientation, gender identity, disability status, protected veteran status, or any other protected status under federal, state or local law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.