Attack Surface Reduction Senior Associate

Job Description

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).
• Support the identification, assessment, and reduction of externally exposed assets and vulnerabilities across the enterprise perimeter.
• Partner with technology, infrastructure, and security teams to support remediation planning and execution for edge and external-facing assets.
• Analyze attack surface and vulnerability data to help prioritize exposure reduction efforts.
• Track remediation actions, risks, and outcomes to ensure timely follow-through and transparency.
• Develop working knowledge of perimeter technologies, external-facing platforms, and defensive security controls.
• Support vulnerability management lifecycle activities related to external threats, including validation, analysis, and closure tracking.
• Contribute to metrics, dashboards, and reporting that demonstrate attack surface reduction progress and effectiveness.
• Assist with the creation and maintenance of documentation such as policies, procedures, standards, and job aids.
• Participate in responses to security incidents related to external threats and vulnerabilities, as required

• Support the identification, assessment, and reduction of externally exposed assets and vulnerabilities across the enterprise perimeter.
• Partner with technology, infrastructure, and security teams to support remediation planning and execution for edge and external-facing assets.
• Analyze attack surface and vulnerability data to help prioritize exposure reduction efforts.
• Track remediation actions, risks, and outcomes to ensure timely follow-through and transparency.
• Develop working knowledge of perimeter technologies, external-facing platforms, and defensive security controls.
• Support vulnerability management lifecycle activities related to external threats, including validation, analysis, and closure tracking.
• Contribute to metrics, dashboards, and reporting that demonstrate attack surface reduction progress and effectiveness.
• Assist with the creation and maintenance of documentation such as policies, procedures, standards, and job aids.
• Participate in responses to security incidents related to external threats and vulnerabilities, as required

• Minimum of 7 years of experience
• Bachelors' Degree and/or equivalent experience

• Minimum of 6 years of related experience in cybersecurity, vulnerability management, attack surface management, or technology risk.
• Bachelor's degree preferred or equivalent practical experience.
• Working knowledge of external attack surface concepts, vulnerability management practices, and perimeter security controls.
• Experience analyzing vulnerability or exposure data and supporting remediation efforts.
• Strong organizational, analytical, and communication skills with the ability to work across teams.
• Any tools exp in vulnerability or attack surface - ProjectDiscovery, rapid7