Skill: security , database , technology risk , code review , penetration , information security , vulnerability , application security , infrastructure , it risk; Exp: 6-9 years; Risk Management 181205 Requisition # Business Unit Global Chief Risk Office Department Technology Risk Management Job Family Risk Management Job Title Application Security Associate Corporate Title Senior Associate FLSA Code (US Only) Exempt Business Unit Description Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems. The Technology Risk Management department is responsible for setting strategic direction in the areas of IT Risk and Information Security. They are accountable for maintaining DTCC’s corporate security policies and control standards and acting as an operational arm for monitoring threat intelligence. Position Summary The Application Security Associate is responsible for the security testing and risk analysis of DTCCs applications using various application security tools. Interaction with DTCC developers (Application Development (AD)) to provide guidance, best practices and technical assistance in remediating application security issues will be part of the responsibilities. The individual should possess strong application software expertise, along with excellent communication, and organizational skills. Specific Responsibilities Conduct application security audits, risk analysis, vulnerability testing and security reviews across DTCCs businesses Perform code review across a variety of programming languages. Use automated and manual code review techniques to identify application security vulnerabilities Perform expert advice and guidance to internal customers on risk assessment, testing and in fixing vulnerabilities Manage tools, servers and infrastructure supporting the application vulnerabilities testing and analysis program. Work with infrastructure, database and AD to ensure optimal use of tools Conduct periodic application penetration tests, using either in-house or outside resources Document vulnerabilities and work with developers on vulnerability mitigation Provide excellent coordination with local teams (which includes vendor consultants) and various DTCC organizations Provides regular status updates on all assigned tasks and deliverables Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; escalates appropriately Leadership Competencies for this level include Accountability Demonstrates reliability by taking necessary actions to continuously meet required deadlines and goals Global Collaboration Applies global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions Communication Articulates information clearly and presents information effectively and confidently when working with others Influencing Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, trusting relationships while at the same time is comfortable challenging ideas Innovation and Creativity Thinks boldly and out of the box, generates new ideas and processes, and confidently pursues challenges as new avenues of opportunity Qualifications Minimum of 6 years of related experience Bachelor’s degree preferred with Masters or equivalent experience About DTCC With over 40 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From operating facilities and data centers around the world, DTCC automates, centralizes, and standardizes the processing of financial transactions across the trade lifecycle and mitigates risk for thousands of institutions worldwide. At DTCC we value on our clients’ interests and partner to deliver superior results with excellence and innovation and lead with integrity. We proactively develop your potential and invest in your career.
Function: IT Software : Software Products & Services