Lead IT Risk and Security Engineer - Breach & Attack Simulation (BAS)

Are you ready to make an impact at DTCC

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

This position will report to the Associate Director, Cyber Threat Defense and Controls within the Cybersecurity Engineering & Operations team. The Breach & Attack Simulation (BAS) Engineerwill be responsible for the day‑to‑day design, execution, and operationalization of the organization's breach and attack simulation program. This includes emulating real‑world adversary techniques to validate the effectiveness of preventive and detective security controls across on‑premises and cloud environments. The role focuses on continuous security control testing, mapping results to frameworks such as MITRE ATT&CK, identifying detection and response gaps, and working closely with SIEM, SOC, and security engineering teams to improve detection coverage, incident readiness, and overall cyber resilience.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

• Identify, assess, and document security monitoring control issues to mitigate risks.
• Monitor IT platforms that are sending logs to security event monitoring systems and work with relevant IT groups for the remediation of gaps in coverage.
• Integrate new log sources and security technologies by building parsers, onboarding data feeds, and validating data quality to ensure accurate and complete visibility across the environment.
• Ensure platform availability, security, and compliance by monitoring system health, performing upgrades and patching, managing access controls, and aligning configurations with organizational and regulatory requirements.
• detection coverage and operational efficiency.
• Support Disaster Recovery Exercises
• Support audits and regulatory assessments
• Interface with CTDC internal and external stakeholders
• Support the preparation of reports that goes out to stakeholders and senior management.
• Prepare, format and present metrics and reporting for technical and management audiences.
• Coordinate with IT teams for the remediation of identified risks and issues affecting security monitoring controls.
• Support CTDC projects related to implementation of security monitoring controls.
• Support other CTDC responsibilities as assigned.
  

Qualifications:

• Minimum of 6 years of related experience
• Bachelor's degree preferred or equivalent experience

Talents Needed for Success:

• Feedback: Seeks feedback from others, provides feedback to others in support of their development, and is open and honest while dealing constructively with criticism.
• Delegating: Effectively manages tasks and people, taking a practical approach to determine the most effective method of execution while respecting others expertise and considering others feelings and working styles.
• Inclusive Leadership: Values individuals and embraces diversity by integrating differences and promoting diversity and inclusion across teams and functions.

Specific Skills & Technologies

• Adversary Emulation & Attack Modeling
  Ability to simulate real‑world attacker techniques using frameworks like MITRE ATT&CK, mapping tactics, techniques, and procedures (TTPs) to validate security control coverage across the kill chain.
• Security Control Validation & Detection Engineering
  Experience analyzing BAS results to assess the effectiveness of preventive and detective controls, identify detection gaps, and collaborate with SIEM and SOC teams to improve alert fidelity and coverage.
• Risk & Exposure Analysis with Actionable Reporting
  Skill in translating BAS findings into clear, actionable insights, prioritizing risks, recommending remediation, and communicating impact to both technical teams and security leadership.