Director, Cybersecurity Regulatory Engagement (1LOD)

At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #Life AtBNY is all about. Join us and be part of something extraordinary.

We’re seeking a future team member for the role of Director, Cybersecurity Governance, Risk and Controls Regulatory Engagement Lead to join our Cybersecurity team. This role can is in NYC, NY.

Role Summary:

The Director, Cybersecurity Regulatory Engagement (1LOD) is an individual contributor role within Cybersecurity Governance, Risk & Controls (CGRC). Consistent with the First Line of Defense (1LOD) mandate, this role manages and executes cybersecurity regulatory engagement activities contributing to effective risk and control outcomes.

The role supports and contributes to cybersecurity regulatory engagements, including exams, inquiries, remediation activities, new regulatory guidance and regulatory requests, by coordinating inputs, supporting control alignment, and driving disciplined execution. This position reports the Director of Cyber regulatory engagement and plays a critical role in translating regulatory expectations into clear, repeatable, and well-controlled 1LOD execution.

This position requires deep regulatory judgment, and the ability to work directly with cybersecurity leadership, Engineering Controls, and risk partners in a highly regulated environment.

Primary Responsibilities – 1LOD Alignment

Regulatory Engagement Execution:

• Execute end‑to‑end cybersecurity regulatory engagements, including regulatory exams, supervisory meetings, remediation activities, and requests for information (RFIs).

• Coordinate globally with cybersecurity process owners, control owners, and subject matter experts, to deliver accurate, consistent, and regulator‑ready responses – additionally, partner closely with Engineering Controls, Technology Risk (2LOD), Internal Audit (3LOD), and other cross‑functional stakeholders to ensure coordinated and well‑governed regulatory execution.

• Reinforce a risk-aware culture through disciplined 1LOD execution.

• Drive the development of high‑quality regulatory submissions by coordinating input across control owners, subject matter experts, and technical teams.

• Reinforce direction and expectations for clear, accurate, and consistent cybersecurity regulatory responses.

• Review, challenge, and approve key regulatory responses to ensure alignment with the firm’s cybersecurity posture and risk appetite.

• Contribute to a centralized regulatory response repository, leveraging AI‑enabled capabilities to improve response quality, consistency, and reuse.

• Prepare executive‑level briefings, materials, and talking points for senior management. Including preparing materials for senior management committees and boards.

• Partner with Engineering Controls, Risk, Compliance, Legal, and Internal Audit leadership throughout regulatory engagements

• Provide status updates and analysis to cybersecurity leadership.

• Provide leadership, coaching, and oversight to supporting team members.

• Maintain accurate regulatory engagement tracking, documentation, and artifacts in accordance with CGRC governance standards.

• Contribute to continuous improvement of regulatory engagement playbooks, job aids, and execution routines.

• Support reporting and metrics to provide transparency into regulatory risk, themes, and engagement status.

• Support the design, implementation, and assessment of controls addressing regulatory expectations.

• Contribute to 1LOD risk and control taxonomies.

• Identify control gaps, thematic issues, and systemic risks surfaced through regulatory engagements and partner with control owners to drive remediation.

Regulatory Response Management:

Stakeholder Management & Communication:

Team Leadership, Process Improvement & Reporting

Risk & Control Alignment:

Required Qualifications:

• 12+ years of experience in cybersecurity, technology risk, governance, audit, controls or related technology disciplines.

• Extensive experience in regulatory engagements, risk management, audit, or compliance within a large, complex, and highly regulated organization.

• Proven track record leading regulatory exams, supervisory interactions, or other types of regulatory engagements.

• Experience operating in a First Line of Defense (1LOD) role.

• Demonstrated ability to operate effectively at senior leadership and executive levels.

• Strong understanding of cybersecurity risk management, control frameworks, and regulatory expectations applicable to financial institutions.

• Ability to synthesize complex technical and risk topics into clear, defensible regulatory narratives.

• Exceptional written and verbal communication skills, with experience engaging regulators and senior executives.

• Strong judgment, executive presence, and the ability to influence outcomes without direct authority.

• Ability to manage multiple high‑stakes regulatory engagements concurrently under pressure.

At BNY, our culture speaks for itself, check out the latest BNY news at:

BNY Newsroom

BNY LinkedIn

Here’s a few of our recent awards:

• America’s Most Innovative Companies, Fortune, 2025

• World’s Most Admired Companies, Fortune 2025

• “Most Just Companies”, Just Capital and CNBC, 2025

Our Benefits and Rewards:

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

BNY assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $116,000 and $246,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNY total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and Company-sponsored benefit programs.

This position is at-will and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, Company or individual department/team performance, and market factors.