Hot Job of the Day

DTCC is hiring a Data Security Director

Summary

Being a member of the Technology Risk Management (TRM) team, the Director of Data Security will be leading our initiative to expand the Data Security program capabilities by ensuring adequate controls are in place for unstructured and structured data across on-premise, cloud and SaaS environments. This team will focus on Data Security governance, guidance, and regulatory compliance from a top-down perspective and get hands-on from a bottom-up perspective with continuous monitoring solutions. This includes participating in the evaluation of existing or new solutions with multiple partners to identify the path forward that best addresses the requirements and constraints. This Director will collaborate with colleagues across the firm (e.g., Privacy, TRM, OTR, IT, EDM, Compliance and others) to confirm existing controls, ownership, breadth of coverage, and maturity while problem solving for potential gaps. 

While this is primarily a Second Line of Defense function passionate about governance and guidance there will also be highly technical First Line capabilities to be delivered in tandem with other collaborators (i.e., implementation of a tool that solves control problems for multiple partners). Essentially, this individual is responsible for leading, providing technical direction and strategy, and delivering on all the matters related to the above-mentioned functions. A combination of strong technical skills, problem solving, anticipating needs, and strong people skills is needed to be successful in this role. If you enjoy ambitious work, high visibility, and making things better, this is an opportunity you should consider.

Your Primary Responsibilities:

• Set strategy, provide technical direction, and run day to day operations for TRM Data Security
• Direct a team of impactful professionals and coordinate with various partners and vendors as part TRM ecosystem
• Cultivate and manage relationships with key partners at varying organizational levels
• Generate reports and define and supervise Data Security key performance and risk indicator metrics to show status and progress to TRM management and other partners
• Collaborate with Security Architects, Product Managers, Risk Managers, and other teams to deliver high quality product that meet Data Security controls
• Assist with executive communication to senior leadership teams on the status of the Data Security program
• Partner with senior management on metrics and influencing/persuading to gain acceptance of alternate approaches for solving Data Security challenges
• Identify DTCC “critical” data, where it resides, and the adequacy of controls for that data (e.g., Personally Identifiable Information (PII), Client Confidential Information (CCI), DTCC Confidential Information (DCI – other sensitive content), Material Non-Public Information (MNPI))
• Ensure compliance with regulations for the jurisdictions where DTCC has a presence and maintain a comprehensive view of Data Security regulations from a TRM perspective (i.e., supplements Privacy perspective)
• Lead the DTCC Data Security Working Group
• Update TRM Policies and Control Standards related to Data Classification, Data Security, Structured Data, and Unstructured Data for On-Premise, Cloud, and SaaS
• Address Data Security control gaps directly or indirectly depending on the control owner
• Collaborate with Privacy, TRM, OTR, IT, EDM, Compliance and others on data security controls for AI/ML Large Language Models (LLMs) and Post-Quantum Cryptography/Post-Quantum Encryption controls
• Ensure data security controls are in place from a “cradle to grave” perspective from data creation through data destruction
• Mitigates risk by bringing to bear established procedures, spotting key errors, and demonstrating strong ethical behavior

Qualifications:

• 10+ years of sophisticated IT/Information Security/Cybersecurity experience
• Bachelor’s degree preferred or equivalent experience 

Talents Needed for Success:

• Understanding of network, operating system, database, applications (e.g., APIs, EDSO), cloud, containers, microservices, SaaS, all data types, and new technologies
• Domain specialist in several security technologies (depth) with ability to lead across enterprise Data Security functions (breadth)
• Understanding of CIA triad, encryption, secrets management, zero trust security model, API security
• Strong executive presence with a keen ability for facilitating technical conversations between engineering and operations as well as risk management conversations between technical and business parties.
• Experience in leading global teams, remote employees and evaluating team member performance and offering career development mentorship
• Strong planning and project management skills; able to work under stress, multitask and be flexible
• Data analysis experience with advanced to expert level Excel functions, manipulate large CSV files in Notepad++ or other editor, SQL or other database query language, scripting tools (e.g., shell scripts, perl, python, etc.), MS Power Automate, MS PowerBI, MS PowerPoint with infographics
• Highly desired – one or more of the following active certifications CISSP, CIPM/CIPT, CDPSE

Previous Hot Jobs

See All Jobs