Cyber Security Design Oversight Senior Manager

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

As the Cyber Security Design Oversight Senior Manager, you will serve as a Second Line of Defense (2LoD) authority providing independent oversight, challenge, and assurance across DTCC. This role ensures IAM controls and processes align to regulatory, risk, and security standards. You will influence design decisions, validate control effectiveness, and report on identity risk posture to senior leadership and governance forums.

Cyber Security Risk Office (CSRO) is responsible for setting strategic directions in the areas of IT Risk and Information Security. Maintains corporate security standards and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security.

Cyber Security Standards & Design Oversight (CSSDO) is responsible for providing highly advanced technical and analytical skills to Cyber Security Resilience (CSR) by ensuring project teams adhere to security control standards and guidelines throughout the project lifecycle.

Your Primary Responsibilities:

• Define and maintain DTCC's IAM control framework for workforce, partner, and customer identities.
• Provide independent challenge on IAM design decisions, risk assessments, and control implementations.
• Conduct risk-based reviews of IAM processes (provisioning, de-provisioning, RBAC/PBAC, PAM, access recertification).
• Validate effectiveness of access governance controls and escalate gaps to senior risk committees.
• Present independent assessments to risk governance forums and senior leadership.
• Partner with first-line IAM teams to advise on best practices without assuming operational ownership.
• Influence technology roadmaps to align with Zero-Trust principles and DTCC's risk appetite.
• Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others.
• Lead working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance and controls.
• Responsible for subject matter expertise in development and lifecycle of security baselines customized to DTCC environment.
• Authoritative source for interpretation of standards in respect to technological implementations.
• Work with project teams to ensure technical quality of security focused deliverables and adherence to security standards, governance and controls practices.
• Actively contributes subject matter expert advice to CSRO members, cross-functional application development teams, various councils and committees and architecture roundtable meetings.
• Defines, publishes and maintains software and processes for security governance (i.e. compliance with principles, guidelines and standards).
• Mitigates risk by following established procedures, spotting key errors and demonstrating strong ethical behavior.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Bachelor's degree preferred or equivalent experience.
• Experience with IAM platforms (Okta, Entra ID, SailPoint, CyberArk).
• CISSP, CISM, or IAM-specific certifications.

Talents Needed for Success:

• Minimum of 10 years in IAM with strong knowledge of IGA, PAM, SSO/MFA, federation, and cloud identity.
• Experience in risk management or second-line oversight within financial services or regulated environments.
• Familiarity with regulatory and industry frameworks (SOX, FFIEC, etc.), and audit processes.
• Ability to interpret technical IAM designs and articulate risk implications to senior stakeholders.
• Strong leadership, communication, and influencing skills.
• Strategic problem solver with ability to challenge and influence across multiple levels.
• Strong understanding of identity risk and control design.
• Ability to build governance frameworks and communicate effectively with executives.
• Encourages different approaches or ways of working.
• Encourages teams to constructively challenge established views.
• Presents information clearly in writing and orally in larger group settings.
• Convince others on key topics by presenting persuasive arguments and alternative approaches.
• Sets an example for others by personally embracing change; Builds ownership for change by empowering others to lead change initiatives.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation .

About Us

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at or connect with us on LinkedIn , X , YouTube , Facebook and Instagram .

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Learn more about Clearance and Settlement by clicking here .

About the Team

Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems.