Head of IT and Cyber Risk

National Planning Corporation
Bethlehem, United States of America
29 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 255K

Job location

Bethlehem, United States of America

Tech stack

Control Objectives for Information and Related Technology (COBIT)
Computer Security
Data Logging
ServiceNow

Job description

  • Lead and oversee comprehensive IT and cyber risk assessments aligned to industry frameworks (e.g., National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO)) to identify, evaluate, and prioritize risk exposures across the enterprise, including ownership of the annual NYDFS Cybersecurity Risk Assessment process, with proper documentation and reporting.
  • Drive execution and oversight of technology resiliency initiatives, including development and regular testing of business continuity and disaster recovery plans.
  • Collaborate with 1st and 3rd lines of defense to oversee the completion of control testing, log findings, and integrate results into risk assessments and dashboards. Partner with auditors to support SOC attestation and remediation.
  • Champion integration of risk management processes and reporting within ServiceNow (SN), ensuring seamless connectivity, process automation, and unified oversight across platforms.
  • Develop, maintain, and present dashboards and key metrics to senior stakeholders providing visibility into risk landscape, control effectiveness, and program performance, enabling data-driven decision making.
  • Own and maintain the IT Risk Register, facilitate root cause analysis and lessons learned, and oversee remediation activities to continuously strengthen the control environment.
  • Partner with the third-party risk and business risk & resiliency teams to ensure comprehensive IT and cyber risk assessments are performed and remediation efforts are implemented.

Requirements

  • Driven to accelerate impact and lead change
  • Exceptional communicator across multiple levels of an organization, able to drive outcomes through others
  • Flexible and resourceful in managing multiple priorities

You Have

  • 10+ years of experience in cybersecurity, IT, or information security, with at least 5 years in a risk management or leadership role.
  • Deep knowledge of risk management frameworks (NIST, ISO, COBIT), incident response, control design, and regulatory compliance is required.
  • Certifications preferred (ISM, CISSP, or similar)

Benefits & conditions

This position reports to the Head of Operational Risk, who reports to our Chief Risk Officer within Enterprise Risk Management.

Salary Range:

$155,370.00 - $255,255.00

The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.

Our Promise

At Guardian, you'll have the support and flexibility to achieve your professional and personal goals. Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

About the company

Every day, Guardian helps our 29 million customers realize their dreams through a range of insurance and financial products and services. Our Purpose, to inspire well-being, guides our dedication to the colleagues, consumers, and communities we serve. We know that people count, and we go above and beyond to prepare them for the life they want to live, focusing on their overall well-being - mind, body, and wallet. As one of the largest mutual insurance companies, we put our customers first. Behind every bright future is a Guardian™. Learn more about Guardian at guardianlife.com.

Guardian Life is not currently or in the foreseeable future sponsoring employment visas. In order to be a successful applicant, you must be legally authorized to work in the United States, without the need for employer sponsorship.
