Job Description :

Kindly find the mention JD

Position Title: Sr. Technology Risk Analyst

Tampa FL

12 months contract minimum

Job Summary/Basic Function:
Technology Risk Management Security Program Governance ensures DTCC is complying with best practices as defined in NIST Cyber Security Framework. Additional staffing is required to assist with assessments of cyber technology areas. The ideal candidate has done related work for five or more years, and has a thorough knowledge of the IT threat landscape, including emerging and advanced persistent threats, as well as controls and technology to minimize attack surfaces. The incumbent should have a strong understanding of cyber security methodologies, frameworks, and regulations.

Principal Responsibilities:
Identify controls in targeted cyber security areas through review of core processes and procedures.
Ability to create test procedures to confirm identified controls are designed and operating effectively.
Assess compliance to identified controls through pre-defined test steps.
Identify gaps across tested controls.
Ensure targeted area being assessed meets all industry regulations, standards, and compliance requirements.
Understand DTCC’s Information Security (IS) policies, control standards, and requirements to ensure targeted areas being assessed are in compliance.
Review results and meet with subject matter experts and process owners to determine the appropriate course of action and remediation plans.
Enforce processes for continuous assessment monitoring.

Experience working in cross-departmental teams and leading efforts through collaboration and influence is required.
Project management experience, the ability to plan, manage and execute an assessment from start to finish.
Measure, analyze data and report on trends, themes, and potential risks to assist in developing and delivering appropriate remediation plans.
Familiar with ISO/IEC 27001/27002:2013, NIST Cybersecurity Framework, NIST Special Publication (SP) 800-53 Revision 4) is required.
Understand the concepts of information risk and the different elements that make up risk. In addition, understand the different concepts of information security.
Ability to work efficiently and independently with minimal supervision (i.e., self-motivated, proactive, and willing to stretch to meet important deadlines
Experience establishing and maintaining effective relationships with internal customers, DTCC’s third party vendors, and team members.
Experience writing skills to support thorough documentation of tested controls and communicating information security principles at all levels from executives to non-technical employees.

Knowledge and Skills Required:
Demonstrated flexibility, cooperation, collegiality and teamwork abilities
Excellent communication, writing and interpersonal skills
Extremely strong attention to detail
Multi-tasking and follow-up skills
Confidence and presence when working with senior management
Proven knowledge of technical infrastructure, networks, databases and systems and how they affect an organization''s cybersecurity risk
Proven knowledge of security methodologies, policies, standards and best practices
Strong technology background, including concepts such as application development, change management, and enterprise infrastructure
Ability to explain and articulate technical concepts using both technical and non-technical language
Multi-tasking and follow-up skills
Proficient in PowerPoint, Excel and Word
Experience with Microsoft Visio (preferred)

Education, Training &/or Certification:
College degree in Business Management / Computer Science
CISA, CISM, CISSP, CRISC or equivalent certification

Physical Requirements:
Ability to lift and carry files and materials.
Position requires adequate vision, hearing and manual dexterity to interact with people in person, on the phone, via teleconferencing and in writing.
Job takes place in normal environmental conditions.


Vijay Chaudhary

P  ext - 106

Email :