Director IT Embedded Risk

Are you ready to make an impact at DTCC?
Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.
 

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

Being a member of IT FinSight Delivery team, the IT Risk Management works closely with technology leaders to strengthen risk awareness, enhance the control environment, and support the resilient, secure, and compliant delivery of technology services. Within this framework, the IT Embedded Risk team works directly with IT Infrastructure to provide risk advisory, effective challenge, and governance support across critical platforms, services, and change initiatives.

• Support the ongoing enhancement of the infrastructure risk and control environment by helping identify emerging risks, monitor changes in exposure, and elevate significant control concerns.
• Provide advisory support and effective challenge to infrastructure leadership and teams on control design, control effectiveness, and risk mitigation approaches.
• Collaborate with Information Security and other partners to ensure infrastructure risks, control priorities, and remediation activities are assessed, communicated, and governed effectively.

Your Principal Responsibilities:

• Serve as the embedded risk advisor to IT Infrastructure leadership, providing credible challenge and practical guidance on strategic priorities, control decisions, and risk acceptance.
• Oversee risk and control activities across enterprise infrastructure domains, including networks, servers, storage, endpoints, data centers, and hybrid cloud platforms.
• Influence and strengthen infrastructure risk practices related to vulnerability management, incident response, access controls, data protection, and operational resilience.
• Partner across engineering, security, operations, and business teams to support the secure, stable, and high-performing delivery of critical technology services.
• Lead the development, enhancement, and monitoring of infrastructure controls, standards, procedures, and remediation plans in support of regulatory, audit, and policy requirements.
• Partner with Capability Owners to complete RCSA activities for IT Infrastructure, ensuring risks, controls, and remediation priorities are appropriately identified, assessed, documented, and escalated.
• Own and report key risk and control metrics, including KRIs and KCIs, to support transparency, decision-making, and accountability.
• Represent IT Infrastructure in governance forums, management committees, audits, and regulatory interactions as a senior point of contact for embedded risk matters.
• Provide strategic people leadership by setting direction for the team, building organizational capability, developing talent, and driving a culture of accountability, collaboration, and high performance.
• Support modernization, automation, and continuous improvement initiatives while helping ensure service quality and operational efficiency.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Minimum of 10 years of related experience
• Bachelor's degree preferred and/or equivalent experience

Talents Needed for Success:

• 10+ years of experience in infrastructure risk, infrastructure engineering, cybersecurity, or a related discipline.
• Strong understanding of enterprise infrastructure domains, including networks, servers, storage, endpoints, data centers, and hybrid cloud environments.
• Experience designing, assessing, or overseeing infrastructure controls and driving remediation in audit or regulatory-driven environments.
• Knowledge of core cybersecurity practices, including vulnerability management, incident response, access management, and data protection.
• Ability to define, interpret, and communicate KPIs, KRIs, and KCIs to technical, business, and governance stakeholders.
• Preferred: Experience in financial services and familiarity with FFIEC and other relevant U.S. regulatory standards. 

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.