Lead IT Risk and Security Engineer
Chennai, India
Are you ready to make an impact at DTCC?
Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
Pay and Benefits:
- Competitive compensation, including base pay and annual incentive
- Comprehensive health and life insurance and well-being benefits, based on location
- Pension / Retirement benefits
- Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
- DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day outstanding to each team or employee).
The impact you will have in this role:
IT Security Management & Assurance Team in partnership with Technology and Risk Management protects DTCC assets in managing and reducing the security risks by mitigating the vulnerabilities and threats.
The Lead IT Risk and Security Engineer is focused on partnering with various stakeholders from IT and Technology Risk Organization in leading the Security Vulnerability remediation efforts. Establish sustainable process and procedures to drive the remediation of vulnerabilities across different platforms and network devices. Successful candidates must have strong experience in cybersecurity processes, vulnerability & incident/threat management. Additionally, understanding security patch management lifecycles as well as practical experience in working with Vulnerability management tools will be useful. A prime candidate is proactive, can multitask and work autonomously to support multiple teams and initiatives.
What You'll Do :
- Review Vulnerability scan results for quality, including false positives and actionable remediation steps and track mitigation.
- Analyze, develop and assist in deploying remediation plans for vulnerabilities.
- Develop constant quality improvements of the vulnerability management function, in particular tools and processes.
- Support vulnerability analysis by ensuring optimal coverage of assets. Track and monitor key milestones, after significant change in the environment to identify network, infrastructure, and configuration vulnerabilities.
- Communicate and share technical information with developers and infrastructure teams to drive remediation of vulnerabilities.
- Drive actionable metrics to streamline vulnerability detection, investigation, analysis, and remediation processes.
- Stay informed of latest threats, security vulnerabilities, and recommend solutions for technology in use by the company.
- Assist in leading risk assessments and developing risk-management strategies.
- Mitigates risk by following established procedures and monitoring controls, spotting key errors and demonstrating strong ethical behavior.
Qualifications:
- Minimum of 6 years of related experience.
- Hands on experience in Vulnerability scan.
- Experience in Network-based, application and cloud vulnerability scanners
- Bachelor's degree or equivalent experience
Additional Qualifications:
- Experience in analyzing and generating reports from scanners such as Rapid7, CrowdStrike, AquaSec etc.
- Experience in technical, functional, and operational aspects of cybersecurity incident handling and response.
- Understanding of SAST/DAST scans during application development.
- Prior experience communicating, presenting, and reporting to relevant stakeholders (status, post-incident report).
- Demonstrate understanding of IT security principles, concepts, policy, and regulations.
- Demonstrate ability to effectively document security controls.
- Excellent project management, planning, and analytical skills.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AquaSec Cloud CrowdStrike DAST Monitoring Risk assessment Risk management SAST Vulnerabilities Vulnerability management
Perks/benefits: Competitive pay Flex hours Flex vacation Health care Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs