Threat Management Associate Director

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

The Threat Management Associate Director plays a key role in both individual contributions and cross-functional coordination. This role ensures the integrity and effectiveness of DTCC’s security monitoring controls by overseeing data quality across multiple sources, identifying coverage gaps, and driving improvements in event processing and control assurance.

Your Primary Responsibilities:

• Mitigate risks by identifying, assessing, and documenting security control gaps in monitoring systems.
• Support the control validation process of the Security Monitoring Assurance program.
• Interface with internal and external stakeholders
• Partner with IT teams to remediate risks and issues impacting security monitoring controls.
• Support network security assessments to identify and enhance monitoring control effectiveness.
• Support Cyber Threat Fusion Center (CTFC) initiatives by implementing and enhancing security monitoring controls.
• Reevaluate and redesign processes to proactively manage and reduce risk to DTCC and its participants.
• Contribute to security strategy, program assessments, and control lifecycle activities.
• Assist in designing solutions with actionable metrics and defined risk thresholds.
• Align cybersecurity assessment reporting with stakeholders to strengthen DTCC’s security posture.
• Lead end-to-end process analysis and risk mitigation efforts.
• Fulfill additional CTFC responsibilities and special projects as assigned.
• Integrate risk and control processes into daily operations, escalating issues appropriately.
• Build and maintain relationships across organizational levels.
• Develop and present performance and risk metrics tailored for technical and executive audiences.
• Collaborate with cross-functional teams to deliver compliant, high-quality security monitoring solutions.
• Support executive communications on Security Monitoring Assurance program status.
• Maintain and update security policies, control standards, and process documentation.
• Identify gaps in security monitoring controls and coordinate remediation with control owners.

Specific Skills & Technologies

• Proven expertise in SIEM, Network Security, Endpoint Security and security incident management technologies.
• Strong background in cybersecurity design, implementation, and documentation.
• Skilled in project management and technical presentations.
• Knowledgeable in ethical hacking, penetration testing, and vulnerability assessments.
• Familiar with industry-standard security frameworks, policies, and procedures.
• Solid understanding of network and infrastructure protocols (e.g., TCP/IP, HTTP/S, DNS, firewalls, proxies, IDS/IPS).

Qualifications:

• At least 8 years of cyber security experience, preferably in financial services or regulated environments.
• Bachelor’s degree in computer science or related field.
• Security certifications (e.g., CEH, CCSP, CISSP, OSCP) are a plus.

Talents Needed for Success:

Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC’s subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC’s Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at www.dtcc.com or connect with us on LinkedIn, X, YouTube, Facebook and Instagram.

Enterprise Product & Platform Engineering transforms the way we deliver infrastructure to our business clients. A key construct of EP&PE will be the evolution of the IT Product Manager, who will partner with the Engineering organization, the Business Aligned Service Delivery organization, the DevSecOps organization as well as our operational support teams to ensure that this organization provides high quality, commercially attractive and timely solutions to support our business strategy.