Desc
Are you ready to explore a world of possibilities?
Join our DTCC family, and you’ll grow your expertise and become the best version of you. As you embark on a new journey, you’ll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life
Why you'll love this job
The Information Security Program Governance Manager is responsible  for the development, implementation, and ongoing management & governance of the DTCC cyber security program. The manager is responsible for managing the security strategy and the cyber assessment lifecycle, as well as monitoring the activities of the core services of the security program. The Manager will assist in the identification and prioritization of key security initiatives by aligning with the NIST security framework to help transform the company’s information security effort to address the ever changing threat environment.  The incumbent will coordinate all aspects of the initiatives to successfully deliver implementations.
Specifically, the incumbent will direct the development of a consistent approach to meeting the regulatory guidelines and laws as a designated SIFMU including the adherence to the NIST cyber security framework. Additionally, this role requires:  the ongoing monitoring of all activities related to the core service delivered by TRM; delivering and tracking the findings resulting from the ongoing assessments of the program; ensuring that the findings are being implemented; ensuring it’s alignment to NIST CSF; identifying gaps; and communicating to the TRM & IT stakeholders responsible for ingesting data and updating their portfolio to meet the demands of the increasing threat landscape.   The 3 year information security strategy and the Information Security profile are products that support the program.
What you’ll do:
Reassess existing processes and create new ones that most effectively anticipate, manage and reduce risk to DTCC and its participants
Develop and manage the security strategy, program assessment and control lifecycle processes
Managing the lifecycle and quality assurance of audit actions, documented core processes, activities.
Provide visibility and assurance that we are doing what we say we do
Review and improve applicable policies and standards and supporting operational procedures including the 3 year cyber security strategy
Align cybersecurity program assessment reporting with stakeholders in support of managing risk and identifying opportunities to enhance DTCC’s security profile
Coordinate and manage  key cyber security program initiatives and their alignment with NIST CSF , including rationale(s) for risk reduction or avoidance
End to End Process Analysis and risk reduction initiatives
Providing advice and leading risk and control projects to support DTCC Corporate Goals and improving the control environment;
Demonstrate and embed the behaviors and competencies that create a risk management mindset in the organization
Become an internal subject matter expert with respect to cybersecurity and risk management
Act as advisor to the Head of TRM Program Governance and team on issues and risks that affect the organization, including potential gaps and opportunities.
Research best practices and industry trends for the information security program with external organization, 3rd parties industry specialists, symposiums, and industry organizations and assess suitability for DTCC implementation
Develop, communicate and ensure adherence to department risk policies, procedures and best practices
Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; escalates appropriately
*Note: Responsibilities of this role are not limited to the details above*
Qualifications
Bachelor's degree preferred with Masters, or equivalent experience
RequisitionType Professional JobSchedule Full time