Are you ready to make an impact at DTCC?
Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
Pay and Benefits:
- Competitive compensation, including base pay and annual incentive
- Comprehensive health and life insurance and well-being benefits, based on location
- Pension / Retirement benefits
- Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
- DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).
The impact you will have in this role :
Be an active member of an Agile/ Kanban squad passionate about implementing the best business practices in the form of iterative configuration dedicated to improving the security posture and resiliency within DTCC. Be an inspiring leader in the Zero Trust framework when providing mentorship with integrations to the Vault environment, including authentication and authorization, network security, principle of least privilege, end-to-end encryption, and data protection. Work closely with the squad members, business members and product owner to find opportunities to advance capability and automation of secret engines, tools, and applications. Adopt a horizontal platform team demeanor, collaborate with multi-functional teams to ensure the integration of Vault with other systems and processes. Proactively participate in activities such as disaster recovery exercises and audits. You are willing to learn & support multiple technologies in Cybersecurity Engineering as part of ARSENAL Squad with a main focus on Secrets Management and IAM technologies. You will be comfortable researching and understanding a wide variety of existing and emerging technology, can participate in the aggressive testing schedule of the Cyber Security Assessment Team (CSAT) and appropriately contribute to the daily workload of a highly skilled and diverse group of security assessment testers.
Your Primary Responsibilities:
- Conduct automated and manual tests of information systems, to include review of previous vulnerability scans, compliance scans/results, penetration testing.
- Use a variety of techniques to perform tests and assessments, such as threat modeling, threat simulation and social engineering.
- Researching and understanding a wide variety of information systems and emerging technologies.
- Develop test plans, operation schedules, perform tests and prepare after-action reports for information systems.
- Document tests in accordance with DTCC Information Security Policies and CSAT standard operating procedures.
Qualifications:
- Minimum of 6 years of related experience
- Bachelor's degree in related field and/or equivalent experience
Talents Needed for Success:
- 2+ Years working with System/Service monitoring
- Basic understanding of Identity management
- Experience with Kubernetes or other container orchestration systems
- 3-5 years’ of demonstrated ability managing Linux Environments
- Familiarity with NIST and Zero Trust Framework
- Be a proficient problem-solver with an ability resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity
- Have a broad knowledge of security methodologies, solutions and standard processes, and have expert level knowledge of one or more domains.
- Solid understanding of the technical and non-technical tactics, techniques and procedures used by adversaries to exploit information systems. Candidates should be able to conduct sophisticated tests that simulate malicious users.
- Have experience with multiple open source and commercial testing tools. A non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap.
- Proven knowledge of the strengths and weaknesses of security tools. Ability to select the right tool for the job. Ability to configure and troubleshoot tools if vital.
- Be comfortable using, configuring, troubleshooting, and administrating both UNIX based and Microsoft operating systems. Candidate should also have extensive systems engineering experience with at least one of these OSs.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
.
DTCC safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.
Learn more about Clearance and Settlement by clicking here .
Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems.
The Technology Risk Management department is responsible for setting strategic direction in the areas of IT Risk and Information Security. They are accountable for maintaining DTCC's corporate security policies and control standards and acting as an operational arm for monitoring threat intelligence.