Lead Security Compliance Engineer

Company: DTCC
Location: New York, NY, USA
Type: Full-Time
Salary: Not Provided

Requirements

  • Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field and/or equivalent experience
  • 8+ years of extensive all-round experience in cybersecurity, with expertise in security compliance and audit.

Responsibilities

  • Implement and operate compliance monitoring tools such as Qualys, IBM Guardium, Rapid7, AquaSec and Wiz.
  • Supervise compliance across various operating systems, applications, network appliances and cloud platforms.
  • Collaborate with various platform teams to ensure technical security controls meet compliance requirements.
  • Lead and support security compliance efforts across frameworks such as NIST, CIS, ISO 27001, SOC2 & PCI-DSS.
  • Coordinate internal and external audits, including evidence gathering, control testing, and remediation tracking.
  • Evaluate and recommend tools for control automation and monitoring.
  • Implement and validate security policies, standards, and procedures in alignment with compliance obligations.
  • Support risk assessments by identifying gaps in security controls and proposing remediation plans.
  • Participate in vendor and third-party risk assessments.
  • Maintain and improve the cybersecurity policy framework.
  • Continuously supervise security compliance metrics and key performance indicators (KPIs).
  • Prepare compliance status reports for senior leadership, regulators, and auditors.
  • Provide guidance for the continuous improvement of the compliance monitoring program.

Preferred Qualifications

  • Strong understanding of security controls in cloud environments (e.g., AWS, Azure, GCP).
  • Familiarity with identity and access management (IAM), endpoint protection, SIEM, and vulnerability management systems.
  • Knowledge of Data Governance, Data Protection, Data Loss Protection technologies, Database Activity Monitoring tools and CASB.
  • Strong communication and interpersonal skills, including executive communication to senior leadership, with a focus on building bridges with key collaborators.
  • Strong critical thinking and problem-solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity.
  • Industry security certifications such as CISA, CISM, CRISC, CISSP.
  • Industry certifications in Cloud such as AWS, Azure.

Benefits

  • No benefits info provided.
