Cyber Security Control Testing And Validation Associate

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

The Cyber Security Risk Office (CSRO) is responsible for setting strategic direction in the areas of IT Risk and Information Security. CSRO maintains corporate security policies and control standards, acts as a second line of defense through structured credible challenge assessments, reports to leadership and the Board on the status of cyber and technology risk programs, and serves as a primary interface for regulatory and client reviews focused on cyber security and technology risk.

CSRO is seeking a Credible Challenge Assessor at the Associate level to execute independent assessments of First Line cyber security functions. This role is execution-focused and supports the Credible Challenge program by performing assessment planning, fieldwork, analysis, and documentation. The role is well suited for candidates with experience in cyber operations, cyber security assessments, IT audit, or cyber risk management who are looking to apply their technical expertise within a second line oversight function.

Pay And Benefits

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).
  
  

The Impact You Will Have In This Role

In this role, you will play a key part in executing the Credible Challenge assessment program within the Cyber Security Risk Office. Your work will directly contribute to strengthening DTCC’s cyber risk governance by independently assessing First Line cyber security functions and evaluating the design and effectiveness of controls.

You will work closely with CSRO leadership, assessment leads, and First Line stakeholders to perform structured assessments, analyze evidence, identify risks and control gaps, and support clear, defensible assessment conclusions.

Your Primary Responsibilities

• Execute Credible Challenge assessments of First Line cyber security functions, including planning, scoping, fieldwork, and documentation.
• Perform walkthroughs, interviews, and evidence reviews to assess control design and operating effectiveness.
• Evaluate alignment of First Line practices to internal policies, standards, and cyber security frameworks.
• Analyze assessment results to identify risks, control gaps, and themes.
• Draft assessment documentation and analysis summaries in accordance with Credible Challenge standards.
• Track assessment progress, issues, and action items and support timely escalation.
• Partner with Credible Challenge leads to ensure consistency and quality across assessments.
• Support continuous improvement of assessment procedures and templates.
  
  

Qualifications

• Minimum of 6 years of related experience
• Bachelors degree preferred or equivalent experience
  
  

Talents Needed For Success

4 to 6 years of related experience in cyber security, cyber operations, cyber risk, IT audit, or technology risk.

• Hands-on experience performing cyber security assessments or control testing.
• Professional certifications such as CISSP, CISA or equivalent are a plus.
• Strong analytical, documentation, and communication skills.
  
  

Actual salary is determined based on the role, location, individual experience, skills, and other considerations.We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

---