Threat Management Manager

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

Cyber Threat Fusion Center (CTFC) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security. Threat Management ensures security monitoring controls provide proper coverage, data quality, and effectiveness to improve DTCC's ability to properly identify current cyber threats, monitor, and detect suspicious activities or instances of data loss.

Your Primary Responsibilities: 

• Manage a team of cyber security professionals who can design and implement security monitoring controls
• Lead technical PoC evaluations and onboarding of new security technologies.
• Drive continuous improvement of technology, processes, and procedures to align with stakeholder needs.
• Ensure alignment with enterprise security architecture and compliance standards.
• Collaborate with internal stakeholders and vendors to ensure robust and scalable integrations.
• Design and maintain automated playbooks for incident response and threat remediation.
• Optimize SOAR workflows to reduce manual effort and improve response times.
• Conduct regular assessments of existing security tools and processes to identify gaps or inefficiencies.
• Develop and maintain a technology roadmap aligned with business and security objectives.
• Collaborate with architecture and engineering teams to prioritize and implement gap remediation strategies.
• Track and report on gap closure progress and impact on overall security posture.
• Establish performance metrics and key performance indicators (KPIs) to measure the effectiveness of the Security Integration and Orchestration program

Qualifications:

• Minimum of 8 years of related experience
• Bachelor's degree preferred or equivalent experience

Talents Needed for Success:

• Deep understanding of integrating tools like QRadar, Syslog-NG, SOAR, Armis IoT, Reversing Labs, and Zscaler into the incident response ecosystem. 
• Experience with SOAR platforms and case management systems, including playbook creation and automation workflows.
• Ability to identify technology gaps in security monitoring and develop actionable remediation plans.
• Skills in enriching security event data to improve detection and response efficiency
• Capable of defining objectives and scope for orchestration initiatives and aligning them with business use cases.
• Proficiency in Python, PowerShell, Bash, or Perl to automate compliance checks, data parsing, and reporting.
• Proficiency in generating reports and metrics to measure orchestration effectiveness and tool coverage.
• Experience in coordinating with external vendors for tool integration and support
• Regular engagement with incident response, Network Penetration and other Cyber Fusion Center teams to ensure alignment and operational readiness.
• Skilled in managing stakeholder expectations, facilitating discussions, and driving consensus across technical and business teams 
• Highlights the expected benefits of new actions and strategies to help others overcome fears of change.
• Fosters a culture where honesty and transparency are expected.
• Proactively seeks feedback from others on his/her own performance.
• Ensures that regular feedback is given in a constructive and behaviorally oriented manner.
• Supports an environment where individuals are respected for their contributions.

 Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

---