Director Privileged Access Management Engineering

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The impact you will have in this role:

In this role, you will be responsible for the functional and technical design of business systems; integration of business services & information security; driving industry-specific best practices & standards; understanding regulatory compliance needs; coordinating test planning & execution; providing leadership to AD teams and acting as technology liaison to all IT areas within DTCC, to the business partners, and to the industry. Leading projects, teams, code reviews are required to be able to lead by example.

Your Primary Responsibilities:

• As an expert solutions engineer and senior software engineer, mission is to help lead our team of innovators and technologists toward crafting next-generation solutions that improve the way our business is run.
• Taking part in the development and deployment of Cyberark solution.
• Build and implement Cyberark PAM policies and procedures, ensuring alignment to industry standard methodologies and regulatory requirements.
• Develop and lead the PAM roadmap, including technology upgrades, new features, and integrations.
• Handle and maintain the CyberArk PAM platform, including Privileged Session Manager (PSM), Central Policy Manager (CPM), Password Vault Web Access (PVWA), and Vault.
• Defines and factors in performance, scalability, availability, resiliency, security, maintainability, support, testing and cost requirements when making technology selection and application design decisions.
• Define approaches for modernizing legacy applications including migration to public or private cloud infrastructure.
• Lead the engineering design practices of our software development organization.
• Lead design reviews session.
• Collaborate with Infrastructure and Solution Architecture to choose efficient hosting environment.
• Focus on industry practices such as lose coupling of applications, standardization, APIs, reusability, concepts of isolation, extensibility, extendibility, and consistency of solutions while proposing and reviewing architectures.
• Identify and solve for non-functional requirements for the platform consumers.
• Ensures solutions adhere to security policies and standards of firm and industry.
• Conduct POCs for tools as seen fit for the area.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications:

• Minimum of 10+ years of experience in Information Security with at least 5 years in Privileged Access Management or Secrets Management
• Bachelor's degree in Computer Science, Information Systems or a related field and/or equivalent experience
• Experience leading engineering teams a direct managerial role.

Talents Needed for Success:

• The role demands a leader who can drive the functional and technical design of PAM systems, integrate business services with security, and act as a liaison across IT, business, and industry partners.
• Proven people leader who can work with both junior and senior engineers and architects to build a unified design and engineering philosophy across the team.
• Ability to create a socialize outspoken design tenants for PAM and secrets management.
• Candidates must demonstrate hands-on experience with tools like CyberArk (SaaS and On-Prem), HashiCorp Vault, and Bravura.
• Crafting and implementing secure access for both human and machine identities.
• Managing secrets at scale across hybrid and cloud environments.
• Understanding of PKI and machine identity in both on-prem and cloud-native environments.
• Leading multi-functional teams through modernization efforts.
• Ability to understand architectural diagrams and design
• Sophisticated understanding of privileged user life cycle management and controls around privileged access.
• Experience with AWS, Azure, and/or Google Cloud Platform IAM and PAM concepts
• Experience with solving issues with PAM solutions and applications.
• Ability to guide teams through sophisticated issues and drive resolution for issues that arise within sophisticated and high-risk applications
• Ability to effectively translate technical information between vendors, IT management and other internal and external IT teams
• Ability to work with all levels of management to define requirements associated with PAM services, incorporating security standard processes.

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

About Us

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at or connect with us on LinkedIn , X , YouTube , Facebook and Instagram .

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Learn more about Clearance and Settlement by clicking here .

About the Team

Enterprise Product & Platform Engineering transforms the way we deliver infrastructure to our business clients. A key construct of EP&PE will be the evolution of the IT Product Manager, who will partner with the Engineering organization, the Business Aligned Service Delivery organization, the DevSecOps organization as well as our operational support teams to ensure that this organization provides high quality, commercially attractive and timely solutions to support our business strategy.