Application Security Assurance Associate

Are you ready to explore a world of possibilities?

Join our DTCC family, and you'll grow your expertise and become the best version of you. As you embark on a new journey, you'll be supported and surrounded by other professionals as you learn new skills, advance your career, and see the impact of your efforts every day.
Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Retirement benefits
• Paid Time Off and other leave of absence
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (Onsite Tuesdays, Wednesdays and a third day of your choosing)

Why you'll love this job:

Technology Risk Management (TRM) is responsible for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security policies and control standards, acts as a second line of defense via a robust collection of risk and control assessments, reports to leadership and the Board on the status of the IT Risk and Information Security Programs, acts as an operational arm for monitoring threat intelligence, understanding when threats are being targeted against the firm, and responding to potential incidents, and serves as the main interface for Regulatory and Client reviews that focus on IT Risk and Information Security.

The Application Security Assurance program implements a variety of AppSec (Application Security) technologies, controls, tools and processes to ensure delivery teams are able to adhere and align with the Secure System Development Lifecycle to protect DTCC applications from exisiting and emerging security risks & improve application risk posture.
Your Primary Responsibilities:

• Assist in the execution of Application Security Testing (Ethical App Pentest / FOSS / Static or Dynamic Security Testing / Threat Modeling) within the bounds of the Processes and DTCC Control Standards.
• Support data-to-day activities related to Application Security functions.
• Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk, and advance where applicable.
• Collaborate with application development teams on application security assessments.
• Assists others on own team, or other teams where applicable.
• Actively contribute domain expert knowledge to the Security Mavens Community.
• Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; advances appropriately

NOTE: The Primary Responsibilities of this role are not limited to the details above.
Talents Needed For Success:

• Minimum of 4 years of related experience
• Bachelor's degree preferred or equivalent experience

Additional Qualifications:

• Fosters a culture where honesty and transparency are expected.
• Stays ahead of on changes in their own specialist area and seeks out learning opportunities to ensure knowledge is up-to-date.
• Collaborates well within and across teams.
• Communicates openly with team members and others.
• Resolves disagreements between colleagues effectively, minimizing the impact on the wider team.

Who We Are:
The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.