Technology Risk Metrics & Reporting- Associate Director

DTCC Jersey City, NJ Full Time
Jersey City, NJ
64 days ago

Full Job Description

Are you ready to explore a world of possibilities?

Join our DTCC family, and you’ll grow your expertise and become the best version of you. As you embark on a new journey, you’ll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life.

Why You'll Love This Job:

The Operational Technology Risk (OTR) Metrics Team is responsible for defining and implementing metrics and reports that communicate the DTCC technology / cybersecurity risk posture which are relied upon by some of the highest levels of management in the organization for decision making including Management and Board level committees.

This incumbent is responsible to communicate and summarize sophisticated technical concepts and related risk analysis results to business and technology leaders. Risk analysis and reporting includes both qualitative and quantitative cybersecurity performance and efficiency measurements through metrics. The role will partner with stakeholders across the organization to support reporting of key technology risk management related governance, risk and compliance activities.

In addition to possessing core security and technology / risk knowledge the candidate must be highly organized with project management experience. Strong verbal and written communication skills are required, and the candidate should be comfortable in addressing and interacting with senior management. Being flexible and be able to run multiple deliveries within rigid target delivery dates are fundamental skills required for a candidate to be successful in this role.

Primary Responsibilities
  • Implement and improve the Technology Risk Metrics & Reporting program framework and underlying processes.
  • Ensure Program documentation is maintained up to date.
  • Lead standard operational metric and reporting activities including:
  • Oversight and hands on responsibility of production reporting processes and delivery (from monthly planning to execution and status updates)
  • Maintenance of metric and report inventories
  • Management of new metrics and reporting in development and providing updates on status
  • Oversight and hands on responsibility of operational reporting tools and automation execution
  • Product Manager for report automation project initial implementation and improvements
  • Identification and development of new metrics and the improvement of existing metrics to improve DTCC information and cybersecurity risk reporting.
  • Creation new reports to improve communication of risks to management
  • Collaborate with IT, business, OTR and other key partners to identify, develop and implement cybersecurity risk metrics that provide a holistic view of technology risks for the DTCC business units
  • Perform analysis on risk and metric information to identify performance trends; Define and agree risk thresholds with business, IT and TRM partners
  • Actively coordinate and communicate metric and reporting activities and tasks to key partners in both business areas and IT; Identify and collaborate with partners for improvement of risk metrics
  • Review risk metric results and provide input to information security reporting and dashboards.
  • Develop new regulatory reporting required for new and existing regulatory requirements
  • Drive the metrics program to a higher level of maturity
  • Lead the execution of audit related metrics and reporting requirements
  • Delivery of Cybersecurity Operational Risk : Annual Report, Quarterly Risk Dashboard Report and other related reporting
  • Completion of Metric and Reporting Annual reviews

**NOTE: Responsibilities of this role are not limited to the details above. **

Talents Needed For Success:
  • 7+ years industry experience in information / cyber security or information risk management
  • Bachelor’s degree required.
  • CISSP/CRISC/GCCC certification or similar preferred
  • Project /Product management experience
  • Financial Services Industry experience a plus but not required
Additional Qualifications
  • Experience in the development of metrics, Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs)
  • Experience in cybersecurity governance, policy and risk management
  • Experience in developing risk profiles and conducting cybersecurity and technology assessments
  • Ability to explain and articulate technical concepts using non-technical language
  • Knowledge of security methodologies, policies, standards and best practices preferred
  • Knowledge of information technology systems, infrastructure and operations preferred
  • Proficient with Microsoft Word, Excel, and PowerPoint
  • Work closely by building consensus and influencing decision making to foster forward progress with projects and initiatives
  • Excellent organizational skills, coupled with ability to be versatile and flexible
  • Sound business judgment and the ability to work efficiently
  • Excellent grammar and style skills; ability to adapt writing style for different audiences and media

We offer top class training and development for you to be an asset in our organization!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.