Cyber Security Control Testing & Validation Associate

Job Title

Cyber Security Risk Office Credible Challenge Assessment Specialist

Job Description

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role :

In this role, you will play a key part in executing the Credible Challenge assessment program within the Cyber Security Risk Office. Your work will directly contribute to strengthening DTCC's cyber risk governance by independently assessing First Line cyber security functions and evaluating the design and effectiveness of controls.

You will work closely with CSRO leadership, assessment leads, and First Line stakeholders to perform structured assessments, analyze evidence, identify risks and control gaps, and support clear, defensible assessment conclusions.

Your Primary Responsibilities :

• Execute Credible Challenge assessments of First Line cyber security functions, including planning, scoping, fieldwork, and documentation.
• Perform walkthroughs, interviews, and evidence reviews to assess control design and operating effectiveness.
• Evaluate alignment of First Line practices to internal policies, standards, and cyber security frameworks.
• Analyze assessment results to identify risks, control gaps, and themes.
• Draft assessment documentation and analysis summaries in accordance with Credible Challenge standards.
• Track assessment progress, issues, and action items and support timely escalation.
• Partner with Credible Challenge leads to ensure consistency and quality across assessments.
• Support continuous improvement of assessment procedures and templates.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Bachelor's degree preferred or equivalent experience
• Minimum of 4 years of related experience in cyber security, cyber operations, cyber risk, IT audit, or technology risk
• Professional certifications such as CISSP, CISA or equivalent are a plus.

Talents Needed for Success:

• Hands-on experience performing cyber security assessments or control testing.
• Strong analytical, documentation, and communication skills.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.