Lead IT Risk and Security Engineer - SIEM

Job Description

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

• Identify, assess, and document security monitoring control issues to mitigate risks.
• Monitor IT platforms that are sending logs to security event monitoring systems and work with relevant IT groups for the remediation of gaps in coverage.
• Design, deploy, and maintain SIEM platforms to collect, normalize, and correlate security logs from diverse sources such as endpoints, servers, network devices, cloud platforms, and security tools.
• Integrate new log sources and security technologies by building parsers, onboarding data feeds, and validating data quality to ensure accurate and complete visibility across the environment.
• Ensure SIEM performance, availability, and compliance by monitoring system health, managing storage and retention, performing upgrades, and aligning configurations with regulatory and organizational security requirements.
• Design, deploy, and manage the Central Log Management system to ensure scalable, reliable ingestion, indexing, and visualization of large volumes of log and telemetry data.
• Manage Central Log Management system performance, scalability, and data lifecycle by tuning index mappings, shard allocation, ingest pipelines, and retention settings to balance search performance, reliability, and cost.
• Ensure platform availability, security, and compliance by monitoring system health, performing upgrades and patching, managing access controls, and aligning configurations with organizational and regulatory requirements.
• Continuously improve SIEM and Central Log Management capabilities through automation, content enhancements, and adoption of new features to strengthen detection coverage and operational efficiency.
• Support Disaster Recovery Exercises
• Support audits and regulatory assessments
• Interface with CTDC internal and external stakeholders
• Support the preparation of reports that goes out to stakeholders and senior management.
• Prepare, format and present metrics and reporting for technical and management audiences.
• Coordinate with IT teams for the remediation of identified risks and issues affecting security monitoring controls.
• Support CTDC projects related to implementation of security monitoring controls.
• Support other CTDC responsibilities as assigned.

• Minimum of 6 years of related experience
• Bachelor's degree preferred or equivalent experience

• Feedback: Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with criticism.
• Delegating: Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others' expertise and considering others' feelings and working styles.
• Inclusive Leadership: Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions.

• Experience with Breach & Attack Simulation tools to continuously validate security controls, detection capabilities, and incident response readiness across on-premises and cloud environments.
• Strong Information Security experience in SIEM and security incident management technologies.
• Experience in securing cloud environments (AWS, Azure, and/or GCP), including identity and access management (IAM), network security controls, logging and monitoring, and cloud-native security services.
• Strong leadership skills with experience leading Agile security engineering team
• Strong, demonstrable experience in Cybersecurity engineering, design, implementation and documentation
• Knowledge of industry-standard Information Security frameworks, policies and procedures
• Good understanding of network and infrastructure (Networking protocol knowledge is an advantage- TCP/IP, HTTP, HTTPS, DNS, firewalls, proxies, IDS, IPS etc.).
  
  Certifications such as CEH, CCSP, CISSP, OSCP) is a plus.