Job DescriptionThe Impact you will have in this role:Being a member of IT CISO -
Cyber Security & Resiliency team, you will be responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. Threat & Vulnerability proactively identifies and mitigates security threats and vulnerabilities within DTCC. Threat & Vulnerability involves continuous monitoring, assessment, and response to emergency cyber threats as well as the development of robust security measures to safeguard against potential breaches.
Your Primary Responsibilities:- Apply patch management processes to identify, prioritize, and mitigate vulnerabilities across the DTCC environment.
- Leverage AI-driven insights and analytics to improve vulnerability detection, prioritization, and remediation decision-making.
- Identify and assess network security risks, ensuring effective mitigation of vulnerabilities.
- Develop and maintain policies, procedures, job aids, and documentation to support vulnerability management practices.
- Collaborate with vendors and internal stakeholders to drive remediation efforts and improve security outcomes.
- Ensure adherence to relevant regulatory and compliance standards.
- Produce and present metrics and reporting that measure vulnerability management effectiveness and inform leadership decisions.
- Manage workload and coordinate vulnerability management initiatives across projects and teams.
- Support response activities for vulnerability-related security incidents.
- Embed risk and control practices into daily operations, ensuring timely escalation of identified risks.
**NOTE: The Primary Responsibilities of this role are not limited to the details above. **Qualifications:- Minimum of 6 years of related experience
- Bachelor's degree preferred and/or equivalent experience
Talents Needed for Success:- Applies strong technical judgment in vulnerability management, including patching, risk prioritization, and remediation.
- Uses data, analytics, and AI-driven insights to inform decisions and improve outcomes.
- Proactively identifies, assesses, and escalates security risks.
- Communicates clearly, translating technical issues into business impact for stakeholders.
- Collaborates effectively across teams and vendors to drive remediation.
- Produces metrics and reporting to support governance and leadership decisions.
- Manages multiple priorities with strong organization and execution.
- Embeds risk, control, and compliance practices into day-to-day operations.
- Fosters a culture where honesty and transparency are expected.
- Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date.
- Invests effort to individually coach others.
- Builds collaborative teams across the organization.
- Communicates openly keeping everyone across the organization informed.
The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations.
