Title: Principal Security Architect
Location: Dallas, TX/ Tampa, FL/ Jersey City, NJ/ McLean, VA/ Boston, MA (Hybrid)
Your Primary Responsibilities:
What you’ll do
Produce security architecture deliverables as part of initiatives related to network security
Partner with IT teams to improve the network security services for the enterprise
Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation
Innovate and think outside of the box to solve complex issues
Create and drive the IAM security capability 3-year roadmap with within Cybersecurity Services & respective IT stakeholders
Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners
Create IT security standards easily consumed by IT stakeholders
Build access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets mgt) and designs as part of initiatives to modernize the DTCC access management security posture
Identify access management gaps through proactive discovery and partner with app dev teams for remediation
Evaluate the existing application security controls, on-premise and cloud, identify improvements, and build plans into the application security capability roadmap for implementation
Mentor junior security engineers to enhance their security skills within Cybersecurity Services
Maintains professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks
Create white papers and present in industry conferences to present thought leadership in the security field
Your talents needed for success
8-10 years of related experience
Bachelor’s degree preferred
Strong Cybersecurity experience across network, application (web, API) & public/private cloud security architecture (web application firewalls, containers, etc..)
Experience in architecting IAM sub-capabilities (authentication/authorization, user behavior analytics, provisioning)
Strong experience in identifying access management control gaps
Understanding of core cryptography concepts
Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks
Experience architecting automated data center processes, including provisioning, application and patch management, monitoring and alerting, capacity monitoring and planning, leveraging execution and human approval workflow design and implementation
Experience in OS security (Windows, Linux) and RDMS is preferred
Who are we?
DTCC safeguards the financial markets and helps them run efficiently – in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
Why choose DTCC?
DTCC employees work at the center of the world’s financial markets, bringing both innovation and stability to the entire post-trade lifecycle. Our work environment favors openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries.