Security Program Guidance Senior Analyst

Are you ready to make an impact at DTCC?  

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets.  We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact.  We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits 
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee). 

The impact you will have in this role:

As a member of Technology Risk Management (TRM), we are responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. Security Program Guidance manages alignment of the technology risk program to cyber regulations, cyber risk frameworks, and cyber best practices. The team performs self governance and risk identification by assessing core process areas within the technology risk management organization. The team assists with identifying internal issues, validating issue closures, and ensuring past issue remediations are sustained. Enterprise-wide management control testing is supported through this function and there is a subset of the team that performs year long technology risk management control testing. This team supports DTCC governance, risk, and compliance (GRC) and directly manages the controls in the process, risk, and control (PRC) libraries on behalf of the entire technology risk management department. Assessments of the security program's alignment to the Cyber Risk Institute Profile, the cybersecurity framework endorsed by the financial services industry, is also managed by this function which enables regulatory harmonization and has been accepted by various regulatory bodies..

Your Primary Responsibilities:

• Perform operating effectiveness control testing, as prescribed by test steps, and document the results of the testing within required timeframes.
• Complete assigned control testing which includes, obtaining populations and validating the completeness and accuracy, making sample selections based on sampling methodology.
• Communicate deficiencies to direct supervisor.
• Excellent writing skills to support thorough documentation of tested controls and communication of information security principles.
• Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; escalates appropriately

**NOTE:  The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Bachelor’s Degree in Computer Science or related field is preferred
• Minimum of 2 years related experience.

Talents Needed for Success:

• Collaborates well within and across teams.
• Communicates openly with team members and others.
• Works with the team to review deliverables and ensure quality and accuracy.
• Adheres to established rules and procedures when performing work.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

DTCC safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork.  When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.

Learn more about Clearance and Settlement by clicking here.