Threat Management Associate Director

Are you ready to make an impact at DTCC?

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

Your Primary Responsibilities:

• Mitigate risks by identifying, assessing, and documenting security control gaps in monitoring systems.
• Support the control validation process of the Security Monitoring Assurance program.
• Interface with internal and external stakeholders
• Partner with IT teams to remediate risks and issues impacting security monitoring controls.
• Support network security assessments to identify and enhance monitoring control effectiveness.
• Support Cyber Threat Fusion Center (CTFC) initiatives by implementing and enhancing security monitoring controls.
• Reevaluate and redesign processes to proactively manage and reduce risk to DTCC and its participants.
• Contribute to security strategy, program assessments, and control lifecycle activities.
• Assist in designing solutions with actionable metrics and defined risk thresholds.
• Align cybersecurity assessment reporting with stakeholders to strengthen DTCC’s security posture.
• Lead end-to-end process analysis and risk mitigation efforts.
• Fulfill additional CTFC responsibilities and special projects as assigned.
• Integrate risk and control processes into daily operations, escalating issues appropriately.
• Build and maintain relationships across organizational levels.
• Develop and present performance and risk metrics tailored for technical and executive audiences.
• Collaborate with cross-functional teams to deliver compliant, high-quality security monitoring solutions.
• Support executive communications on Security Monitoring Assurance program status.
• Maintain and update security policies, control standards, and process documentation.
• Identify gaps in security monitoring controls and coordinate remediation with control owners.

Specific Skills & Technologies

• Proven expertise in SIEM, Network Security, Endpoint Security and security incident management technologies.
• Strong background in cybersecurity design, implementation, and documentation.
• Skilled in project management and technical presentations.
• Knowledgeable in ethical hacking, penetration testing, and vulnerability assessments.
• Familiar with industry-standard security frameworks, policies, and procedures.
• Solid understanding of network and infrastructure protocols (e.g., TCP/IP, HTTP/S, DNS, firewalls, proxies, IDS/IPS).

Qualifications:

• At least 8 years of cyber security experience, preferably in financial services or regulated environments.
• Bachelor’s degree in computer science or related field.
• Security certifications (e.g., CEH, CCSP, CISSP, OSCP) are a plus.

Talents Needed for Success:

• Proven Experience with compliance management platforms like Qualys Policy Compliance (PC), HPNA, or similar 
• Knowledge in SIEM, Network Security, Endpoint Security, Rapid7 and security incident management technologies.
• Strong background in cybersecurity design, implementation, and documentation.
• Skilled in project management and technical presentations.
• Proficiency in Python, PowerShell, Bash, or Perl to automate compliance checks, data parsing, and reporting.
• Familiar with industry-standard security frameworks, policies, and procedures.
• Solid understanding of network and infrastructure protocols (e.g., TCP/IP, HTTP/S, DNS, firewalls, proxies, IDS/IPS).