About The Position

As the Cyber Security Design Oversight Senior Manager, you will serve as a Second Line of Defense (2LoD) authority providing independent oversight, challenge, and assurance across DTCC. This role ensures IAM controls and processes align to regulatory, risk, and security standards. You will influence design decisions, validate control effectiveness, and report on identity risk posture to senior leadership and governance forums.

The Cyber Security Risk Office (CSRO) is responsible for setting strategic direction in the areas of IT Risk and Information Security. It maintains corporate security standards and control standards; acts as a second line of defense via a robust collection of risk and control assessments; reports to leadership and the Board on the status of the IT Risk and Information Security Programs; acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents; and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security.

Cyber Security Standards & Design Oversight (CSSDO) is responsible for providing highly advanced technical and analytical skills to Cyber Security Resilience (CSR) by ensuring project teams adhere to security control standards and guidelines throughout the project lifecycle.

Requirements

  • Bachelor's degree preferred or equivalent experience.
  • Experience with IAM platforms (Okta, Entra ID, SailPoint, CyberArk).
  • CISSP, CISM, or IAM-specific certifications.
  • Minimum of 10 years in IAM with strong knowledge of IGA, PAM, SSO/MFA, federation, and cloud identity.
  • Experience in risk management or second-line oversight within financial services or regulated environments.
  • Familiarity with regulatory and industry frameworks (SOX, FFIEC, etc.), and audit processes.
  • Ability to interpret technical IAM designs and articulate risk implications to senior stakeholders.
  • Strong leadership, communication, and influencing skills.
  • Strategic problem solver with ability to challenge and influence across multiple levels.
  • Strong understanding of identity risk and control design.
  • Ability to build governance frameworks and communicate effectively with executives.
  • Encourages different approaches or ways of working.
  • Encourages teams to constructively challenge established views.
  • Presents information clearly in writing and orally in larger group settings.
  • Convinces others on key topics by presenting persuasive arguments and alternative approaches.
  • Sets an example for others by personally embracing change; builds ownership for change by empowering others to lead change initiatives.

Responsibilities

  • Define and maintain DTCC’s IAM control framework for workforce, partner, and customer identities.
  • Provide independent challenge on IAM design decisions, risk assessments, and control implementations.
  • Conduct risk-based reviews of IAM processes (provisioning, de-provisioning, RBAC/PBAC, PAM, access recertification).
  • Validate effectiveness of access governance controls and escalate gaps to senior risk committees.
  • Present independent assessments to risk governance forums and senior leadership.
  • Partner with first-line IAM teams to advise on best practices without assuming operational ownership.
  • Influence technology roadmaps to align with Zero-Trust principles and DTCC's risk appetite.
  • Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others.
  • Lead working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance and controls.
  • Responsible for subject matter expertise in development and lifecycle of security baselines customized to DTCC environment.
  • Authoritative source for interpretation of standards in respect to technological implementations.
  • Work with project teams to ensure technical quality of security focused deliverables and adherence to security standards, governance and controls practices.
  • Actively contributes subject matter expert advice to CSRO members, cross-functional application development teams, various councils and committees and architecture roundtable meetings.
  • Defines, publishes and maintains software and processes for security governance (i.e. compliance with principles, guidelines and standards).
  • Mitigates risk by following established procedures, spotting key errors and demonstrating strong ethical behavior.

Benefits

  • Competitive compensation, including base pay and annual incentive
  • Comprehensive health and life insurance and well-being benefits, based on location
  • Pension / Retirement benefits
  • Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.