Cyber Security Operations External Validation Senior Associate

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

Being a member of IT CISO team, as a Senior Associate within the Cyber Security Operations External Validation Program, you will play a key role in independently assessing, validating, and benchmarking Cyber Security Operations capabilities across DTCC.

This role is responsible for driving transparency, accountability, and continuous improvement by evaluating program effectiveness across cyber domains (Offensive Cyber Operations, Defensive Cyber Operations, Threat Hunt, Insider Threat, Readiness, and Enablement). You will help establish maturity baselines, identify improvement opportunities, and ensure Cyber Security Operations programs are aligned with enterprise expectations, regulatory requirements, and leading industry practices.

The External Validation Program is a critical component of Cyber Security Operations Enablement, ensuring disciplined governance, independent validation, and measurable risk reduction across all cyber security programs.

Your Primary Responsibilities:

• Conduct independent validation of Cyber Security Operations programs to assess effectiveness, coverage, and control execution
• Perform benchmarking of all Cyber Security Operations programs to establish maturity baselines and identify gaps and improvement opportunities
• Analyze program outputs, processes, and metrics to evaluate alignment with enterprise frameworks and cyber security standards
• Develop and deliver clear, data-driven reporting, including benchmarking results, maturity assessments, and executive summaries
• Partner with Cyber Security Operations teams (Offensive, Defensive, Threat Hunt, Insider Threat, and Readiness) to review findings and support remediation planning
• Identify systemic risks, trends, and control weaknesses across programs and provide actionable recommendations
• Support the establishment and standardization of metrics to measure program health, effectiveness, and coverage
• Contribute to the development of repeatable validation methodologies, procedures, and frameworks
• Assist with audit, regulatory, and assurance activities by providing independent validation evidence and program insights
• Drive continuous improvement by incorporating industry benchmarking, internal performance data, and feedback loops

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Bachelor's degree in Cyber Security, Information Technology, or related field, or equivalent experience
• 3-5+ years of experience in cyber security operations, assurance, audit, risk, or program evaluation
• Experience evaluating or supporting cyber security programs, controls, or operational processes
• Strong analytical and reporting skills, with the ability to synthesize complex data into actionable insights
• Proven ability to develop written deliverables, including assessments, reports, and executive-level summaries
• Ability to work across multiple teams and stakeholders to gather information and drive alignment

Talents Needed for Success:

• Strong critical thinking and analytical mindset
• High attention to detail and focus on quality and accuracy
• Ability to work independently and exercise sound judgment in ambiguous environments
• Strong communication skills with the ability to influence both technical and non-technical stakeholders
• Continuous improvement mindset with a focus on enhancing operational maturity

Preferred Qualifications

• Experience with cyber security assessments, validation, or benchmarking activities
• Familiarity with industry frameworks (e.g., NIST, ISO, CIS) or enterprise control frameworks
• Experience in financial services or another highly regulated environment
• Certifications such as CISSP, CISM, CRISC, or relevant audit / risk certifications
• Experience supporting audit, regulatory, or compliance initiatives

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.