Overview
On Site
Full Time
Skills
TRM
Strategic management
Policies
Leadership
ARM
Threat analysis
FOCUS
IT risk
Information security
Testing
Penetration testing
Security QA
Threat modeling
DTCC
Data
Collaboration
Application development
Software security
Honesty
HIS
IMPACT
Risk management
Management
Spectrum
Job Details
About this Opportunity
Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security.
The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from exisiting and emerging security risks & improve application risk posture.
What You'll Do
Sound Like You?
Additional Qualifications
About the Team
Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems.
Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security.
The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from exisiting and emerging security risks & improve application risk posture.
What You'll Do
- Assist in the execution of Application Security Testing (Ethical App Pentest / FOSS / Static or Dynamic Security Testing / Threat Modeling) within the bounds of the Processes and DTCC Control Standards.
- Support data-to-day activities related to Application Security functions.
- Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk, and escalate where applicable.
- Collaborate with application development teams on application security assessments.
- Assists others on own team, or other teams where applicable.
- Actively contribute subject matter expert knowledge to the Security Mavens Community.
- Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; escalates appropriately
Sound Like You?
- Minimum of 4 years of related experience
- Bachelor's degree preferred or equivalent experience
Additional Qualifications
- Fosters a culture where honesty and transparency are expected.
- Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date.
- Collaborates well within and across teams.
- Communicates openly with team members and others.
- Resolves disagreements between colleagues effectively, minimizing the impact on the wider team.
About the Team
Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.