Associate Director Security Architecture (Network Security)

Are you ready to make an impact at DTCC?   

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets.  We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact.  We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. 

Pay and Benefits: 

• Competitive compensation, including base pay and annual incentive 
• Comprehensive health and life insurance and well-being benefits, based on location 
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. 
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).  

The impact you will have in this role: 

As a Network Security Architect in the Cybersecurity Architecture Center of Excellence, your responsibilities include a comprehensive review and redesign of the existing network security infrastructure and capabilities for on-premises, client, and hybrid-cloud environment. You will also influence changes in existing control standards, create new IT security standards that are easily consumed by stakeholders, create specific security patterns & diagrams, and own the relevant 3-year capability roadmap. This role will be key in ensuring a Security-First mindset during DTCC’s technology modernization journey.

Your Primary Responsibilities: 

• Produce security architecture deliverables as part of initiatives related to network modernization and Zero Trust paradigm.
• Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation.
• Be the subject matter expert for Network Security through the enterprise along with the security architecture team.
• Inspire team members and junior staff to contribute new ideas and alternative approaches
• Design and optimize solutions to protect organization’s network infrastructure, integrating cloud-based and on-premise components such as firewalls, load balancers, WAF, proxies, SD-WAN solutions, DDoS mitigation systems.
• Create and drive the internal and client network security capability roadmap within information technology & the respective IT stakeholders.
• Create and drive the Zero Trust network modernization roadmap within information technology & the respective IT stakeholders.
• Design Zero Trust network security controls through modern security technologies such as CASB, CNAPP.
• Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners.
• Create IT security standards and drive best-practices which are easily consumed by IT stakeholders.
• Lead the technical analysis of network security capabilities with the aim of delivery new or enhanced security capabilities.
• Identify automation opportunities for network security controls lifecycle management.
• Act as the domain specialist to help guide and shape how network security controls are enabled and enforced.
• Mentor junior security architects to enhance their security and architecture skills within the team.
• Deliver high-quality executive architecture presentations and demonstrations.
• Maintain professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks.
• Create white papers and presentations in industry conferences to present thought leadership in security field.
• Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalates appropriately 

Quailifications:

• 7+ years of related experience 
• Bachelor degree preferred in STEM areas such as Computer Science, Electrical & Computer Engineering, Information Management, Big Data & Analytics

Talents Needed for Success: 

• Strong Information Security experience, specifically in network security domain (on premise and hybrid-cloud).
• Solid working knowledge with Next Gen firewalls and features such as URL, IPS, malware and content filtering, proxies, WAFs, traffic capturing and inspection technologies.
• Provide expert knowledge and experience performing deep packet troubleshooting with Wireshark, packet analyzer.
• In-depth knowledge of Zero Trust paradigm and network pillar designs improvements aligned with Zero Trust best practices.
• Working knowledge with 3+ vendors such as: Palo Alto NGFW, F5 LTM, APM, GSLB/GTM, Zscaler, Akamai, AWS network primitives (VPC, Direct Connect), Azure network primitives (VNET, Express Route).
• Experience in routing protocols and switching, BGP, OSPF, VRF, GRE, NAT/PAT, MPLS, SSL, IPSec tunnel, SSL offloading, multicasting, traffic balancing, high availability techniques, IPv4, IPv6.
• Expert level experience with WAN deployments including EIGRP/BGP route redistribution over MPLS and/or SD-WAN networks, route maps and filtering, traffic prioritization and QoS policies.
• Solid experience with Python, networking fundamentals, OS (Windows/Linux) security.
• Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks.
• Proficient in how Active Directory works.
• Knowledge of Public DNS.
• Familiar with PKI and SSL Certificate management.
• Solid analytical skills to troubleshoot high-level, complex and technical problems.
• Strong organizational skills and multi-tasking ability.
• Ability to prioritize and execute tasks in high pressure environment and make sound decisions in emergency situations.
• Strong technical writing skills to support required documentation.
• Has strong communication skills with the ability to present in front of large audience.
• Demonstrated ability to collaborate between product management, engineering, risk, and IT teams.
• Willingness to learn, be a team player and a strong cross functional partner.
• Adapts quickly to changes in business requirements.
• Self-motivated individual that can work independently on projects, as well as a team player working towards a common goal.

Actual salary is determined based on the role, location, individual experience, skills, and other considerations.We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

 

 

 

DTCC safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork.  When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.

Learn more about Clearance and Settlement by clicking here.