Cyber Security Risk Treatment Senior Associate

Cyber Security Risk Treatment Senior Associate

DTCC 4.8

( ) Coppell, TX on company site for later Why you should apply for a job to

DTCC :

Ranked as one of the 4.8/5 in overall job satisfaction 4.9/5 in supportive management 95% say women are treated fairly and equally to men 98% would recommend this company to other women 100% say the CEO supports gender diversity Ratings are based on anonymous reviews by Fairygodboss members. See all reviews 100% rating on the Corporate Equality Index and was recognized as one of the Best Places to Work for LGBTQ Equality. Flexible + Hybrid work options available Corporate Social Responsibility initiative focuses on charitable giving and volunteerism. # 212906 Position summary tional well-being. DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee). The Impact you will have in this role : Cyber Security Risk Office (CSRO) is responsible for setting strategic direction in the areas of cybersecurity. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the Cyber Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on cybersecurity. Risk Treatment is responsible for the oversight, management, facilitation and reporting of the Risk Treatment (Policy Deviation and Risk Acceptance) for Technology and Information Security related risks. Responsible for identifying, managing, measuring, and mitigating a spectrum of technology and security related risks in existing and new products, activities, processes, and systems. Accountable for providing advanced technical, analytical and management skills to CSRO.

Your Primary Responsibilities :

Manage day-to-day intake, tracking, and progression of Policy Deviation (PD) and Risk Acceptance (RA) submissions through their full lifecycle, including renewals, extensions, and closure validation. Perform initial completeness and quality checks on PD and RA submissions to confirm alignment with documented procedures, required artifacts, and governance standards prior to second-line review. Maintain accurate status tracking for all open items, including aging, upcoming expirations, and SLA adherence, escalating concerns to program leadership as needed. Support risk treatment and policy deviation governance forums (e.g., CRTL forums, leadership reviews) through agenda coordination, materials preparation, and action item tracking. Document decisions, approvals, and conditions to ensure traceability, transparency, and defensible governance outcomes. Produce and maintain risk treatment and policy deviation metrics, including lifecycle performance, aging trends, renewals, and items approaching or exceeding tolerance thresholds. Support risk tolerance updates to enterprise metric repositories (e.g., IBM BPM or successor platforms) and validate data accuracy and consistency. Prepare standard and ad-hoc reporting materials for senior management, governance committees, and audit or regulatory inquiries. Maintain PD and RA procedures, job aids, templates, and governance documentation, including publication and upkeep in Navex or successor systems. Ensure documentation, evidence, and decision records meet internal audit, regulatory, and examination standards. Act as an operational point of contact for first line teams submitting PD and RA requests, providing guidance on process expectations, timelines, and documentation requirements. Partner with Cyber Security Risk Office stakeholders to ensure consistent application of risk treatment standards and governance practices. Identify recurring issues, thematic trends, or control gaps emerging from PD and RA activity and escalate insights to program leadership for credible challenge and prioritization. Support program initiatives such as tooling enhancements (e.g., RAPD migration to SmartSuite), lifecycle standardization, and reporting enablement. •

NOTE:

The Primary Responsibilities of this role are not limited to the details above. •

Qualifications:

Bachelor's degree preferred or equivalent experience Minimum of 6 years of related experience in cybersecurity risk management, technology risk, remediation tracking, or GRC program operations. Talents Needed for

Success:

Strong organizational, analytical, and documentation skills with high attention to detail. Experience supporting risk exceptions, policy deviations, or remediation oversight in a regulated environment preferred. Experience with GRC tools, data visualization tools, data warehouse (e.g., Power BI, Snowflake, Archer, SmartSuite, ServiceNow). The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation . About Us With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at https://www.dtcc.com or connect with us on LinkedIn , X , YouTube , Facebook and Instagram . DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind. Learn more about Clearance and Settlement by clicking here . About the Team Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems. Why you should apply for a job to

DTCC :

Ranked as one of the 4.8/5 in overall job satisfaction 4.9/5 in supportive management 95% say women are treated fairly and equally to men 98% would recommend this company to other women 100% say the CEO supports gender diversity Ratings are based on anonymous reviews by Fairygodboss members. See all reviews 100% rating on the Corporate Equality Index and was recognized as one of the Best Places to Work for LGBTQ Equality. Flexible + Hybrid work options available Corporate Social Responsibility initiative focuses on charitable giving and volunteerism.