Job Description :
Prefer local candidates in NJ only, Indefinite, possible temp to hire
Only GC, GC ead, USC
Jersey City
Job title: Cybersecurity Regulatory Governance Lead
The Technology Risk Management organization provides information and technology risk management services focused on business resiliency, cybersecurity, technology risk and crisis management to DTCC business and shared services areas. The Business and Government Cybersecurity Partnerships (BAGCP) serves to align the TRM cybersecurity program with the business risk management objectives to secure the business operations and client expectations. BAGCP also demonstrates DTCCs leadership in cybersecurity matters within the Financial Services Sector by advocating solutions on cybersecurity challenges through its partnership with government, regulatory/supervisory agencies and industry groups. BAGCP provides this through
Actively supporting the business and shared services in the implementation of TRM services
Measuring and reporting adherence to DTCCs regulatory and supervisory cybersecurity obligations
Educating and developing cyber solutions, domestically and internationally, through strategic partnerships with government, regulatory and supervisory agencies and industry groups
The Cybersecurity Regulatory Governance Lead is accountable for the development, testing, and reporting of DTCCs cybersecurity regulatory obligations. The role is also responsible for the coordination of the organization’s responses to request for comments on cybersecurity rules, rules interpretation and guidance. This function is the primary interface for the DTCC Compliance Testing organization and will support the Business Information Security Officer (BISO) in communicating compliance gaps to the business
Identify new and upcoming cybersecurity and cyber resiliency regulatory and supervisory requests for comment on new rules, rules interpretations and guidance; Develop and execute a process to address cybersecurity supervisory requests for comments
Develop and maintain a comprehensive understanding of the applicable cyber laws and regulations as well as requirements and resulting controls that enable compliance
Serve as an authoritative resource on current and emerging cybersecurity compliance rules, rules interpretations and guidance
Develop the assessment program to review DTCC Business and Shared Services areas against their cybersecurity regulatory obligations
Ensure that new cybersecurity regulations are understood throughout the organization; Identify potential changes that may be required to DTCC IS Policy and Standards
Partner with DTCC Compliance to enhance the current Compliance Framework to include controls and controls testing for cyber regulations
Partner with the BISOs to communicate regulatory compliance to the DTCC business areas