|Date Posted||April 28, 2021|
*Visa sponsorship is not available for this position*
Are you ready to explore a world of possibilities?
Join our DTCC family, and you’ll grow your expertise and become the best version of you. As you embark on a new journey, you’ll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life
The Cybersecurity Services organization within Information Technology is focused on protecting DTCC from cybersecurity risks through world class cyber security architecture, engineering and governance practices. The Cybersecurity Governance & Analytics team is responsible to establish and maintain a Center of Excellence (CoE) for governance activities, including internal and external audit preparedness, security analytics and reporting.
Why you'll love this job
This position will be responsible for cybersecurity governance activities by managing the overall security risk for the organization, enhancing and driving existing best practices and standards, identifying gaps in security processes and technology, and providing senior management reporting and measurable plans to ensure adherence. The Governance, Risk and Compliance (GRC) associate will help manage cybersecurity threat mitigation activities through development and management of key outcome-based cybersecurity metrics (KPIs/KRIs) and associated reporting. Principal responsibilities will focus on leading efforts related to audits, Issue Management lifecycle, and security posture reporting across the businesses.
What You'll Do
Manages all cybersecurity governance CoE processes and builds success measures for security analysts in Agile Squads to adhere to the governance framework
Proactively drives preparation exercises and identification of security issues, prior to scheduled audits, and assists in providing evidences to internal and external auditor inquiries
Drives and confirms the sustainability posture of security issues by validating the action plan evidence and performing sample testing to ensure continuous cybersecurity controls
Serves as compliance and regulatory liaison for the domain, and as governance CoE key point of contact for Agile squads
Identifies and implement improvements to existing security metrics to enable outcome-based metrics
Drives security awareness trainings and communications
Drives maturity of security approach by proactively identifying meaningful issues and control gaps in current processes; influencing behavior change within the organization and contributing to the building a stronger security-focused culture
Maintains professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks
Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; raises appropriately
*Note: Responsibilities of this role are not limited to the details above*
Your talents needed for success
Candidate must have experience in supporting Information Security governance function with proficiency in information security domains, including but not limited to Identity and Access management, Certificate Management, Network Security, Vulnerability Management and Data Protection.
Prior experience in IT Security or, Governance, Risk and Compliance roles
Strong Cybersecurity experience across one or multiple domains (i.e. Identity Access Management, Vulnerability Management)
Experience in reading network security designs and understand network fundamentals
Experience in evaluating technology and security controls against the IS Policies and control standards
Experience with analytics and reporting desired
Minimum of 5 years of related experience
Bachelor's degree preferred with Masters, or equivalent experience
DTCC safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
Our work environment favors openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.
The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.