Associate Director IT Security Engineering

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

The purpose of Security Compliance Engineering team is to provide best in class and versatile security compliance monitoring services to the enterprise monitoring technologies like Operating Systems, Network, Storage, Databases etc. in cloud (AWS, Azure) as well as in on-premise data centers. This position is for a Security Compliance Manager. This position is focused on building, mentoring and leading a highly motivated security compliance team.

Your Primary Responsibilities:

• Engineer, Implement and Operate compliance tools monitoring technologies like compute, storage, databases & network in cloud and on-premises.
• Develop, implement, and maintain the cybersecurity compliance roadmap.
• Help service owners with remediation of findings and track action plans to closure.
• Maintain policies, standards, and procedures aligned with FFIEC, GLBA, NYDFS, etc.
• Report compliance metrics of various technology domains e.g. OS, Storage, Network etc.
• Manage, mentor, and develop 5+ cybersecurity engineers focused on compliance tooling and control implementation.
• Prioritize workload, conduct performance reviews, and foster collaboration.
• Bridge technical execution (engineers) and strategic compliance goals.
• Oversee vendor security reviews and third-party risk management.
• Serve as primary point of contact for compliance metrics.
• Stay current on evolving regulations (SEC, FINRA, CFPB), threats, and frameworks.
• Automate compliance monitoring and reporting using GRC tools.
• Drive initiatives to enhance security posture and reduce compliance risk.

Qualifications:

• Minimum of 8 years of related experience
• Bachelor's degree preferred or equivalent experience

Talents Needed for Success:

• 8+ years in Cybersecurity, IT, Risk Management, Governance, or related field
• 5+ years in cybersecurity compliance, risk, or audit within financial services (banking, fintech, brokerage, etc.)
• 3+ years directly managing small technical teams in large enterprise environments, preferably in the financial sector.
• Proven expertise with CIS, NYDFS, FFIEC, SOX, PCI-DSS, and NIST CSF/800-53
• Hands-on experience with compliance monitoring of servers, workstations, databases, storage solutions, network devices, SaaS services, and cloud infrastructure
• Hands-on experience with HPNA, Qualys, Guardium, and similar compliance monitoring tools
• Understanding of security controls (IAM, encryption, SIEM, vulnerability management)
• Creating and reporting useful compliance metrics.
• Proficiency in audit response and regulatory reporting
• Strong leadership, communication, and stakeholder management abilities
• Focus on compliance/risk.
• Experience with cloud compliance (AWS/Azure/Google Cloud Platform) in regulated environments.
• Knowledge of data privacy laws (GDPR, CCPA).
• Certifications - CISSP, CISM, CRISC, CISA, or similar.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

About Us

With over 50 years of experience, DTCC is the premier…