Cyber Security Control Testing & Validation Associate Director

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

In this role, you will play a critical role in shaping and executing the Credible Challenge assessment program within the Cyber Security Risk Office. Your work will directly contribute to strengthening DTCC’s cyber risk governance by independently assessing First Line cyber security functions and evaluating the design and effectiveness of controls.

You will work closely with CSRO leadership and First Line stakeholders to perform structured assessments, analyze evidence, identify risks and control gaps, and support clear, defensible assessment conclusions.

• Lead and execute Credible Challenge assessments of First Line cyber security functions, including planning, scoping, fieldwork, and documentation.
• Perform walkthroughs, interviews, and evidence reviews to assess control design and operating effectiveness.
• Evaluate alignment of First Line practices to policies, standards, regulatory expectations, and cyber security frameworks.
• Identify, assess, and communicate material risks, control gaps, and thematic issues.
• Review and approve assessment documentation and conclusions for quality and consistency.
• Engage with senior CSRO and First Line stakeholders to discuss assessment results and remediation.
• Mentor and provide oversight to junior Credible Challenge Assessors.
• Contribute to continuous improvement of the Credible Challenge methodology, standards, and templates.

NOTE:

The primary responsibilities of this role are not limited to the details above.

• Bachelors degree preferred or equivalent experience
• Minimum of 8 years of related experience in cyber security, cyber operations, cyber risk, IT audit, or technology risk.
• Professional certifications such as CISSP, CISA, CRISC or equivalent are a plus.

• Hands-on experience performing cyber security assessments or control testing.
• Strong analytical, documentation, and communication skills.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations.