Information Security Manager posted by DTCC

Job Description

Associate Director Information Security

Are you ready to explore a world of possibilities? 

Join our DTCC family, and you’ll grow your expertise and become the best version of you. As you embark on a new journey, you’ll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life.

Why You'll Love This Job:

Protect DTCC from cybersecurity risks through world class cyber risk management, talent and governance practices.

Vision - A strong adaptive cybersecurity environment that continuously secures & protects DTCC and its services to the financial industry.

Security Engineering and Operations manages and maintains solutions which collect, monitor and report IT security-relevant data to enable a couple of key actions:

Technology Risk Management teams to detect and mitigate cyber security events

Enable IT to address vulnerabilities in the infrastructure and be compliant to corporate security policies

This role has responsibility within Security Engineering and Operations team to lead the Security Operations team in the Chennai office. The four primary services behind Security Area are Compliance Security Baseline, Security Event Management, Host and Networking Monitoring, Vulnerability Management

The Associate Director is a technical security manager responsible for building a new Security Operations team comprised of Information Security professionals who will provide Production support across multiple security technologies.  He/She will also play a key role on the leadership team to drive the next generation of Security Engineering and Operations within the company

Your Responsibilities:

• Accountable, Support and manage the Production Operations Services in ITSM based on Service Management (ITIL) processes (IM/CM/PM/Configuration/Fulfillment)
• Responsible for the security services in Production are being provided at highest quality of services, as aligned to Site Reliability Engineering principles
• Vendor Management for Operations including Service Quality and Performance Monitoring
• Contribute towards continual service & process improvements activities related to the delivery of Security Operations services using Site Reliability Engineering (SRE) principles
• Responsible for creation, design of new security services and technologies to ensure requirements for Production Management is communicated
• Responsible to manage Technology Adoption & Process Permit to Operate (on Prem and Cloud Solutions)
• Maintain the SLAs in Infrastructure Services and Internal Security KPI and KRI
• Participate in the creation of a technical plan (new Security Technology, new deployment, etc.) to incorporate new technologies in the operation services
• Be Incident commander on incident calls for the team when our security services are not available in Production and drive to root cause analysis
• Align risks and control processes into day to day responsbilities to monitor and mitigate risk escalate appropriately .

Talents Needed For Success:

• Strong Information Security Operations (managing security services in Production Support Lead role) experience at a previous financial services company preferred.
• Understanding and working knowledge of Site Reliability Engineering principles
• Strong, demonstrable experience in Security Engineering, design, and implementation
• Demonstrate strong working experience in network & application security, Identity Access Management, and Vulnerability Management, Security Information & Event Management (SIEM)
• ITIL v3 minimal (Information Technology Infrastructure library) certification, preferred
• Strong experience of Information Security policies and procedures and participating in internal audits
• Working experience on Cloud Security
• Experience working with vendors in a SaaS (software as a service) model
• Ability to proactively & effectively manage risk on high-risk projects
• Experience to Crisis & Conflict management.

 Who We Are: 

With over 45 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From operating facilities, data centers and offices in 16 countries, DTCC, through its subsidiaries, automates, centralizes and standardizes the processing of financial transactions, mitigating risk, increasing transparency and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm simplifies the complexities of clearing, settlement, asset servicing, data management, data reporting and information services across asset classes, bringing increased security and soundness to financial markets. In 2018, DTCC’s subsidiaries processed securities transactions valued at more than U.S. $1.85 quadrillion. Its depository provides custody and asset servicing for securities issues from 170 countries and territories valued at U.S. $52.2 trillion. DTCC’s Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes over 14 billion messages annually. To learn more, please visit us at [ Link removed ]  or connect with us on [ Link removed ] , [ Link removed ] , [ Link removed ]  and [ Link removed ]