Director Privileged Access Management Engineering

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The impact you will have in this role:

We are seeking a strategic leader to drive the functional and technical design of Privileged Access Management (PAM) systems, with a strong emphasis on HashiCorp Vault and modern secrets management practices. This role requires deep expertise in integrating business services with security controls and collaborating across IT, business, and industry partners. In this role, you will be responsible for the functional and technical design of business systems; integration of business services & information security; driving industry-specific best practices & standards; understanding regulatory compliance needs; coordinating test planning & execution; providing leadership to AD teams and acting as technology liaison to all IT areas within DTCC, to the business partners, and to the industry. Leading projects, teams, code reviews are required to be able to lead by example.

Your Primary Responsibilities:

• As an expert design and engineering team, your mission is to help lead our team of innovators and technologists toward crafting next-generation solutions that improve the way our business is run.
• Participate in the development and deployment of Privileged Access Management (PAM) solutions.
• Build and implement PAM policies and procedures, ensuring alignment with industry standard methodologies and regulatory requirements.
• Develop and lead the PAM roadmap, including technology upgrades, new features, and integrations with enterprise systems.
• Lead and maintain the PAM platform, including session management, credential management, policy enforcement, and secure access workflows.
• Define and incorporate performance, scalability, availability, resiliency, security, maintainability, support, testing, and cost requirements into technology selection and application design decisions.
• Define approaches for modernizing legacy applications, including migration to public or private cloud infrastructure.
• Lead engineering design practices within the software development organization.
• Conduct design review sessions and provide architectural mentorship.
• Collaborate with Infrastructure and Solution Architecture teams to select efficient hosting environments.
• Emphasize industry practices such as loose coupling of applications, standardization, APIs, reusability, isolation, extensibility, and consistency of solutions during architectural planning.
• Identify and address non-functional requirements for platform consumers.
• Ensure solutions adhere to organizational and industry security policies and standards.
• Conduct proof-of-concept evaluations for tools and technologies relevant to PAM and security architecture.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Minimum of 10+ years of experience in Information Security with at least 5 years in Privileged Access Management or Secrets Management
• Bachelor's degree in Computer Science, Information Systems or a related field and/or equivalent experience
• Experience leading engineering teams a direct managerial role.

Talents Needed for Success:

• Proven leadership experience guiding both junior and senior engineers and architects to establish a unified design and engineering philosophy.
• Ability to define and promote design tenets for PAM and secrets management using vendor-agnostic principles.
• Hands-on experience with HashiCorp Vault in enterprise environments, including deployment, policy management, and integration with cloud-native and hybrid systems.
• Familiarity with other PAM tools such as Bravura and CyberArk is a plus, but the primary focus is on HashiCorp Vault.
• Expertise in leading PAM patterns for both human and machine identities, including secure onboarding, credential rotation, and access workflows tailored to each identity type.
• Strong understanding of secrets management at scale, including dynamic secrets, lease management, and audit logging.
• Deep knowledge of PKI, certificate lifecycle management, and machine identity in on-perm and cloud-native environments.
• Experience leading multi-functional teams through modernization and transformation initiatives.
• Ability to interpret and contribute to architectural diagrams and solution designs.
• Sophisticated understanding of the privileged user lifecycle and controls, using a generic PAM framework rather than tool-specific implementations.
• Experience with IAM and PAM concepts across AWS, Azure, and/or Google Cloud Platform.
• Proven track record to fix and resolve sophisticated issues related to PAM solutions and their integration with enterprise applications.
• Strong communication skills to translate technical concepts for vendors, IT leadership, and multi-functional teams.
• Ability to collaborate with team members at all levels to define and deliver PAM services aligned with security standard processes.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

About Us

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at or connect with us on LinkedIn , X , YouTube , Facebook and Instagram .

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Learn more about Clearance and Settlement by clicking here .

About the Team

Enterprise Product & Platform Engineering transforms the way we deliver infrastructure to our business clients. A key construct of EP&PE will be the evolution of the IT Product Manager, who will partner with the Engineering organization, the Business Aligned Service Delivery organization, the DevSecOps organization as well as our operational support teams to ensure that this organization provides high quality, commercially attractive and timely solutions to support our business strategy.