Director IT Embedded Risk

Are you ready to make an impact at DTCC?
Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

Pay and Benefits: 

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The impact you will have in this role:

An IT Risk Director has primary responsibility for supporting IT Risk Center of Excellence and conducting RCSA, managing the risk profile of IT capabilities, analyze and remediate risk items (e.g., issues, policy deviations), and for proactively identifying gaps in processes and controls.

The incumbent will complete and support issues across IT, manage deadlines and collaborator expectations, and lead or participate in Risk remediation projects

In carrying these responsibilities, the incumbent must work collaboratively with the various Delivery teams, other risk & control functions (e.g., Internal Audit, Technology Risk Management), as well as with IT line management (1st line).

Your Primary Responsibilities:

• Enhance proactive identification of Risk issues
• Develop and strengthen relationships with IT partners and control evaluation functions across the 3 lines of defense 
• Develop, communicate, and ensure alignment to department risk policies, procedures and standard methodologies 
• Advise and periodically review inherent and residual risk assessments for supported IT capabilities for their impact on business and functional areas incorporating indicators of control environment strength (e.g., key metrics, issues) 
• Contribute to reviews, and validate the accuracy of, risk assessments conducted by the second line of defense (New Initiatives, Third Party Risk, Compliance)
• Reassess existing processes and create new ones that most effectively anticipate, lead and reduce risk to DTCC and its participants
• Cultivate an environment of regulatory awareness and ensure regulatory compliance
• Demonstrate and embed the behaviors and proficiencies that build a risk management attitude in your organization
• Support ongoing staff education; mentor and develop team members on technical capabilities and risk management concepts
• Drive successful action plan and issue closures by assessing root causes of issues, defining appropriate action plans, and ensuring sustainability of implemented solutions
• Support reviews of initiative portfolio risks with initiative sponsors, key collaborators and the New Initiatives Office
• Lead review of risk incidents, corresponding root cause analysis and remediation plan development.  Proactively identify issues and trends resulting from risk incidents

**NOTE:  The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Minimum of 10 years of related experience
• Bachelor's degree preferred or equivalent experience

Talents Needed for Success:

• 10+ years’ experience as a senior risk and control professional, preferably within technical auditing/ examination and focus in financial services industry (or other highly supervised industry)
• Background in financial services information technology or Big 4 technical advisory services a plus
• Cybersecurity and Cloud security experience highly desirable
• Knowledge about AI Governance and usage of AI for IT Risk would be advantageous. 
• Highly motivated, diligent, self-starter, who can set priorities, take initiative and work both independently and proactively in a diverse, multi-location team environment
• Excellent analytical and problem-solving including for data identification, analysis, measurement and reporting
• Excellent written and verbal communication skills; ability to tailor messaging to various levels of management including to risk committees
• Demonstrated ability to oversee and be responsible for an IT risk team that serves as a decision-making tool for management
• Strong planning and project management skills; ability to define, communicate and balance priorities across the team
• Knowledge of the security markets, post-trade processing and clearing and settlement infrastructure preferred
• Ability to lead technical, risk focused discussions with key collaborators to analyze vulnerabilities and deviations from standards (e.g., security requirements)
• Understanding and working knowledge of Middleware technologies including distributed messaging technologies (IBM MQ), API management (Apigee edge) and web & application servers (Apache Tomcat)
• Understanding and working knowledge of architectural concepts including: application, platform and security architecture; architectural governance (e.g., measurement of technology debt, architectural drift); and performance, resiliency, and operability principles
• Exposure to risk and control concepts including process mapping (flow diagrams), risk and control identification, control evaluation (design and operating effectiveness), and related reporting is a plus

Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork.  When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.

Learn more about Clearance and Settlement by clicking here.

IT Risk and Data Services department seeks to meet our clients’ needs by capitalizing on the progress made in both the Risk Technology Program and the Data Analytics work and driving adoption of these capabilities across the enterprise. Important initiatives like the Modernization and Resiliency Programs count on these foundational capabilities to succeed.