Security Compliance Manager

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

Being a member of IT Cybersecurity & Platform Strategy team, the purpose of Cloud Security Engineering team is to provide best in class and versatile cloud security services to the enterprise securing the workloads, application and data in AWS, Azure and Google Cloud Platform. This position is for a Cloud Security Manager. This position is passionate about building, mentoring and leading a highly motivated cloud security team.

You will be an experienced Cybersecurity Compliance Manager to lead our compliance initiatives and manage a team of 3 cybersecurity engineers. You will ensure our security controls align with regulatory requirements (e.g., GLBA, NYDFS, SOX, FFIEC, GDPR), industry standards (e.g., NIST, ISO 27001, PCI-DSS), and internal policies. This role blends technical oversight, regulatory expertise, and team leadership.

Your Primary Responsibilities:

• Develop, implement, and maintain the cybersecurity compliance roadmap.
• help service owners with remediation of findings and supervise action plans to closure.
• Maintain policies, standards, and procedures aligned with FFIEC, GLBA, NYDFS, etc.
• Lead, mentor, and develop 3 cybersecurity engineers focused on compliance tooling and control implementation.
• Prioritize workload, conduct performance reviews, and foster collaboration.
• Bridge technical execution (engineers) and strategic compliance goals.
• Design and monitor security controls to meet compliance requirements.
• Oversee vendor security reviews and third-party risk management.
• Serve as primary point of contact for compliance metrics.
• Help prepare and present compliance reports to senior management and committees.
• Stay current on evolving regulations (SEC, FINRA, CFPB), threats, and frameworks.
• Automate compliance monitoring and reporting using GRC tools.
• Drive initiatives to improve security posture and reduce compliance risk.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Bachelor's degree and/or equivalent experience with 8+ years of industry experience Cybersecurity, IT, Risk Management, Governance or related field.
• 5+ years in cybersecurity compliance, risk, or audit within financial services (banking, fintech, brokerage, etc.).
• 2+ years directly leading technical teams.

Talents Needed for Success:

• Proven expertise with GLBA, NYDFS, FFIEC, SOX, PCI-DSS, and NIST CSF/800-53.
• Experience with GRC tools (e.g., RSA Archer, MetricStream, ServiceNow, Qualys).
• Understanding of security controls (IAM, encryption, SIEM, vulnerability management).
• Proficiency in audit management and regulatory reporting.
• Strong leadership, communication, and stakeholder management abilities.

Preferred:

• Experience with cloud compliance (AWS/Azure/Google Cloud Platform) in regulated environments.
• Knowledge of data privacy laws (GDPR, CCPA).
• Certifications - CISSP, CISM, CRISC, CISA, or similar.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

About Us

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at or connect with us on LinkedIn , X , YouTube , Facebook and Instagram .

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Learn more about Clearance and Settlement by clicking here .

About the Team

Enterprise Product & Platform Engineering transforms the way we deliver infrastructure to our business clients. A key construct of EP&PE will be the evolution of the IT Product Manager, who will partner with the Engineering organization, the Business Aligned Service Delivery organization, the DevSecOps organization as well as our operational support teams to ensure that this organization provides high quality, commercially attractive and timely solutions to support our business strategy.