Principal IT Security Engineer

Are you ready to make an impact at DTCC?  

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets.  We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact.  We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits 
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee). 

The impact you will have in this role:

Being a member of the Identity Access Management (IAM) Team, you will be responsible for the functional and technical design of business systems; integration of business services & information security; driving industry-specific best practices & standards; understanding regulatory compliance needs; coordinating test planning & execution; providing leadership to AD teams and acting as technology liaison to all IT areas within DTCC, to the business partners, and to the industry. Leading projects, teams, code reviews are required to be able to lead by example.

Your Primary Responsibilities:

• As an expert application architect and senior software engineer, mission is to help lead our team of innovators and technologists toward crafting next-generation solutions that improve the way our business is run.
• Defines and factors in performance, scalability, availability, resiliency, security, maintainability, support, testing and cost requirements when making technology selection and application design decisions.
• Define approaches for modernizing legacy applications including migration to public or private cloud infrastructure.
• Own the engineering design practices of our software development organization.
  Lead design reviews session.
• Collaborate with Infrastructure and Solution Architecture to choose efficient hosting environment.
• Focus on industry practices such as lose coupling of applications, standardization, APIs, reusability, concepts of isolation, extensibility, extendibility and consistency of solutions while proposing and reviewing architectures.
• Identify and solve for non-functional requirements for the platform consumers.
• Ensures solutions adhere to security policies and standards of firm and industry.
• Conduct POCs for tools as seen fit for the area.

**NOTE:  The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Minimum of 6 years of related experience 
• Bachelor's degree preferred or equivalent experience. 

Talents Needed for Success:

• Strong Information Security experience, specifically in PKI/Cryptography (on premise and cloud) & Secrets management.
• Solid working experience with certificate issuance ceremonies.
• In-depth knowledge of Certificate Lifecycle Management including certificate revocation list (CRLs) standard processes.
•  Hands-on experience with 2+ vendors such as: Venafi, Hashicorp, Microsoft, Thales, Gemalto (SafeNet HSM), DigiCert, Hitachi (HiPAM).
•  Experience in SSL certificate management concepts, processes, and solution management.
• Expertise with Online Certificate Status Protocol (OCSP) infrastructure, Hardware Security Modules (HSM), CMS Enterprise, Venafi Trust Protection Platform, and Venafi TrustNet software suites.
• Experience in building Certificate Policy (CP) and Certificate Practice Statements (CPS).
• Solid experience with Python, networking fundamentals, OS (Windows/Linux) security.
• Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks.
• Deep technical writing skills to support required documentation.
• Demonstrated ability to collaborate between product management, engineering, risk, and IT teams.
• Has good communication skills with the ability to communicate in front of large audience.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

DTCC safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork.  When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.

Learn more about Clearance and Settlement by clicking here.