Lead Security Compliance Engineer

Are you ready to explore a world of possibilities?

Join our DTCC family, and you'll grow your expertise and become the best version of you. As you embark on a new journey, you'll be supported and surrounded by other experts as you learn new skills, advance your career, and see the impact of your efforts every day.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Retirement benefits
• Paid Time Off and other leave of absence
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (Onsite Tuesdays, Wednesdays and a third day of your choosing)

The impact you will have in this role:

Being a member of the Cybersecurity team, Lead Security Compliance Engineer is responsible for implementing and managing the organization's security compliance initiatives to ensure consistency to regulatory requirements, internal policies, and industry standards. This role will work closely with multi-functional teams, including security operations, risk management, IT, legal, and audit, to ensure that security controls are effectively implemented, supervised, and continuously improved.

Your Primary Responsibilities:

• As member of cybersecurity engineering team, implement and operate compliance monitoring tools like Qualys, IBM Guardium, Rapid 7, AquaSec and Wiz.
• Supervise compliance across various operating systems, applications, network appliances and cloud platforms.
• Collaborate with various platform teams to ensure technical security controls meet compliance requirements.
• Lead and support security compliance efforts across frameworks such as NIST, CIS,ISO 27001, SOC2 & PCI-DSS
• Coordinate internal and external audits, including evidence gathering, control testing, and remediation tracking.
• Evaluate and recommend tools for control automation and monitoring.
• Implement and validate security policies, standards, and procedures in alignment with compliance obligations.
• Support risk assessments by identifying gaps in security controls and proposing remediation plans.
• Participate in vendor and third-party risk assessments.
• Maintain and improve the cybersecurity policy framework.
• Continuously supervise security compliance metrics and key performance indicators (KPIs).
• Prepare compliance status reports for senior leadership, regulators, and auditors.
• Provide guidance to continuous improvement of the compliance monitoring program.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related field and/or equivalent experience
• Minimum 8+ years of extensive all-round experience in the field of Cybersecurity with expertise in security compliance and audit.

Talents Needed for Success:

• Strong understanding of security controls in cloud environments (e.g., AWS, Azure, Google Cloud Platform).
• Familiarity with identity and access management (IAM), endpoint protection, SIEM, and vulnerability management systems.
• Knowledge of Data Governance, Data Protection, Data Loss Protection technologies, Database Activity Monitoring tools and CASB
• Strong communication and interpersonal skills, including executive communication to senior leadership with focus towards building bridges with key collaborators.
• Strong critical thinking and problem-solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity.
• Industry security certifications such as CISA, CISM, CRISC, CISSP.
• Industry certifications in Cloud such as AWS, Azure.

Leadership Competencies for this level include.

• Feedback: Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with feedback.
• Delegating: Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others' expertise and considering others' feelings and working styles.
• Inclusive Leadership: Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions.
• Mentoring: Understands and anticipates people's needs, skills, and abilities, to coach, motivate and empower them for success.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

About Us

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at or connect with us on LinkedIn , X , YouTube , Facebook and Instagram .

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Learn more about Clearance and Settlement by clicking here .

About the Team

Enterprise Product & Platform Engineering transforms the way we deliver infrastructure to our business clients. A key construct of EP&PE will be the evolution of the IT Product Manager, who will partner with the Engineering organization, the Business Aligned Service Delivery organization, the DevSecOps organization as well as our operational support teams to ensure that this organization provides high quality, commercially attractive and timely solutions to support our business strategy.