Threat & Vulnerability Senior Associate
About The Position
Being a member of the IT CISO – Cyber Security & Resiliency team, you will be responsible for setting strategic direction in the areas of IT Risk and Information Security. This role maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. Threat & Vulnerability proactively identifies and mitigates security threats and vulnerabilities within DTCC. Threat & Vulnerability involves continuous monitoring, assessment, and response to emergency cyber threats as well as the development of robust security measures to safeguard against potential breaches.
Requirements
- Minimum of 6 years of related experience
- Applies strong technical judgment in vulnerability management, including patching, risk prioritization, and remediation.
- Uses data, analytics, and AI-driven insights to inform decisions and improve outcomes.
- Proactively identifies, assesses, and escalates security risks.
- Communicates clearly, translating technical issues into business impact for stakeholders.
- Collaborates effectively across teams and vendors to drive remediation.
- Produces metrics and reporting to support governance and leadership decisions.
- Manages multiple priorities with strong organization and execution.
- Embeds risk, control, and compliance practices into day-to-day operations.
- Fosters a culture where honesty and transparency are expected.
- Stays current on changes in his/her own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date.
- Invests effort to individually coach others.
- Builds collaborative teams across the organization.
- Communicates openly keeping everyone across the organization informed.
Nice To Haves
- Bachelor's degree preferred and/or equivalent experience
Responsibilities
- Apply patch management processes to identify, prioritize, and mitigate vulnerabilities across the DTCC environment.
- Leverage AI-driven insights and analytics to improve vulnerability detection, prioritization, and remediation decision-making.
- Identify and assess network security risks, ensuring effective mitigation of vulnerabilities.
- Develop and maintain policies, procedures, job aids, and documentation to support vulnerability management practices.
- Collaborate with vendors and internal stakeholders to drive remediation efforts and improve security outcomes.
- Ensure adherence to relevant regulatory and compliance standards.
- Produce and present metrics and reporting that measure vulnerability management effectiveness and inform leadership decisions.
- Manage workload and coordinate vulnerability management initiatives across projects and teams.
- Support response activities for vulnerability-related security incidents.
- Embed risk and control practices into daily operations, ensuring timely escalation of identified risks.
Benefits
- Competitive compensation, including base pay and annual incentive
- Comprehensive health and life insurance and well-being benefits, based on location
- Pension / Retirement benefits
- Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
Associate degree
