Are you ready to make an impact at DTCC? Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.
Pay and Benefits:
- Competitive compensation, including base pay and annual incentive
- Comprehensive health and life insurance and well-being benefits, based on location
- Pension / Retirement benefits
- Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
- DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).
The Impact you will have in this role:
Being a member of the IT Cybersecurity & Platform Strategy team, the Lead IT Security Endpoint Engineer will support the design, deployment, operation, and maintenance of Endpoint Security solutions within DTCC's Cybersecurity Infrastructure. This role is ideal for someone passionate about cybersecurity and eager to contribute to minimizing risks and strengthening the security posture of DTCC's digital assets (workstations, servers, etc.).
Your Primary Responsibilities:
- Assist in deploying and maintaining advanced Endpoint Security solutions, including CrowdStrike, Skyhigh Web Gateways, and other ICAP scanning tools.
- Design, deploy, and operate the CrowdStrike Falcon ecosystem (EDR, NGAV, Firewall, Identity Protection, Falcon for Mobile), ensuring full endpoint coverage, policy consistency, and sensor health across endpoints, servers, VDI, and eligible mobile devices
- Plan and execute upgrades, migrations, and decommissioning initiatives (e.g., legacy proxy/DLP tools to modern Zscaler or CrowdStrike capabilities), ensuring production stability and minimal user impact
- Monitor and troubleshoot technical issues related to endpoint protection tools and call out sophisticated problems as needed.
- Operate and maintain Symantec DLP Prevent infrastructure (endpoint, web, and inline), including policy enforcement, upgrades, health checks, and coordination with identity and email/web channels
- Collaborate with senior engineers and multi-functional teams to implement security improvements and ensure alignment with organizational standards.
- Ensure high-fidelity telemetry flows from CrowdStrike, Skyhigh, Zscaler, and Symantec into SIEM/SOAR platforms, supporting detection correlation, incident response, and audit evidence requirements
- Support the execution of the endpoint security roadmap and contribute to continuous improvement initiatives.
- Participate in the evaluation of new technologies and provide recommendations on solution design and implementation.
- Ensure malware detection coverage across CrowdStrike EDR Agent-capable devices.
- Find opportunities for automation and assist in implementing automation within Endpoint Security operations.
- Maintain documentation and contribute to knowledge sharing across the team.
**NOTE: The Primary Responsibilities of this role are not limited to the details above.**
Qualifications:
- Minimum 5-8 years of experience in cybersecurity, with a focus on endpoint security.
- Bachelor's degree in related field preferred and/or equivalent experience
Talents Needed for Success:
- Strong hands-on expertise with CrowdStrike Falcon modules (EDR, NGAV, Firewall, Identity Protection) including sensor lifecycle management, policy tuning, detection analysis, and exception handling
- Strong knowledge of Windows, macOS, Linux, endpoint networking, TLS flows, proxy behavior, and how security controls interact across endpoint, network, and cloud layers
- Familiarity with cybersecurity controls for SaaS solutions, Entra ID, and AWS/Azure environments.
- Deep critical-thinking skills to analyze detections, diagnose complex endpoint issues, distinguish real threats from false positives, and drive root-cause resolution under pressure.
- Ability to identify repeatable operational work and drive automation using scripting, APIs, workflows, and infrastructure-as-code concepts to improve consistency, auditability, and scale
- Experience with endpoint firewall products and basic network security principles.
- Strong analytical and problem-solving skills with attention to detail.
- Effective communication and collaboration skills to work with technical and non-technical stakeholders.
- Industry certifications such as CISSP or other cybersecurity domain coverage are preferred
The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.