empty

Principal Security Architect

DTCC

Job Description

Posted on: 
November 24, 2024

Summary and company overview

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

  • Competitive compensation, including base pay and annual incentive
  • Comprehensive health and life insurance and well-being benefits, based on location
  • Pension / Retirement benefits
  • Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
  • DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

As an Identity Access Management (IAM) Security Architect for the Cybersecurity Architecture Team, you will focus on existing identity access management controls (on-premises and cloud), design new and efficient security architectures, inspire change in control standards, create IT security standards easily consumed by collaborators, create access specific security patterns & diagrams, and own the Identity & Access Management 3 year roadmap. This role will be an ambassador for the shift in the technology culture at DTCC to a Security-First culture.

Responsibilities

  • Drive the Identity & Access Management and secrets management architecture roadmap and share with AES collaborators
  • Participate in discovery workshops to understand client's & Workforce IAM and security needs and provide standard process recommendations to meet IAM use cases. Develop design and architectural diagrams that clearly communicate the proposed solution and flows
  • Actively participate in the multi-functional team meeting, developing project plans, implementation, testing, pre / post release activities, risk management and issue management.
  • Architect solutions applying Ping Identity Products, PlainID and/or similar IAM products, such as IGA tools, Virtual Directory, PAM and Secret Management solutions.
  • Create IT security standards easily consumed by collaborators. Evaluate the existing application security controls, (on-premise and cloud), identify improvements, and build plans into the application security capability roadmap for implementation
  • Build access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets management) and designs as part of initiatives to modernize the DTCC access management security posture
  • Mentor junior security engineers and architects to improve their cybersecurity and architecture skills
  • Maintain professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks
  • Create white papers and present in industry conferences to display thought leadership in the security field
  • Align risk and control processes into day-to-day responsibilities to supervise and mitigate risk; raises issues appropriately

NOTE: The Primary Responsibilities of this role are not limited to the details above.

Job Requirements

Required Qualifications:

  • Min 8-10 years of related experience
  • Strong cybersecurity experience in architecting implementations using Ping Identity products (especially PingFed, PingOne, PingID, and PingAuthorize) is required.
  • Experience with most standard IAM security protocols (Eg: OAuth, OIDC, RACF, SAML, LDAP, ID Federation, SSO, MFA, UEBA) is required.
  • Experience architecting solution using products like API Gateway, IGA and Virtual Directory is required.
  • Strong experience in identifying access management control gaps
  • Experience with Information Security frameworks (e.g., ISO 27001, CIS, MITRE ATT&CK and NIST) & security architecture frameworks
  • Experience architecting automated data centre processes, including provisioning, application, and patch management, monitoring and alerting, capacity monitoring and planning, demonstrating execution and human approval workflow design and implementation
  • Strong communication skills with the ability to present in front of large audience

Preferred Qualifications:

  • Bachelor’s degree preferred and/or related experience
  • Experience in OS security (Windows, Linux), Network security (Firewall, Proxy, WAF) and RDMS is preferred.

Additional commentary

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Summary and company overview

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay and Benefits:

  • Competitive compensation, including base pay and annual incentive
  • Comprehensive health and life insurance and well-being benefits, based on location
  • Pension / Retirement benefits
  • Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
  • DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact you will have in this role:

As an Identity Access Management (IAM) Security Architect for the Cybersecurity Architecture Team, you will focus on existing identity access management controls (on-premises and cloud), design new and efficient security architectures, inspire change in control standards, create IT security standards easily consumed by collaborators, create access specific security patterns & diagrams, and own the Identity & Access Management 3 year roadmap. This role will be an ambassador for the shift in the technology culture at DTCC to a Security-First culture.

Apply now