Experience level: Director Experience required: 10 Years Education level: Bachelor’s degree Job function: Information Technology Industry: Financial Services Compensation: View salary Total position: 1 Relocation assistance: No Visa : Only US citizens and Greencard holders

JOB DESCRIPTION:

As a Senior Principal Security Architect in the Cybersecurity Architecture Center of Excellence, your responsibilities will include a comprehensive review of existing security controls and architectures for on-premises, client, and cloud. You will also influence changes in existing control standards, create new IT security standards that are easily consumed by stakeholders, create specific security patterns & diagrams, and own the security capability 3-year roadmap.

This role will be essential as the ambassador for the shift in the technology culture at DTCC to a Security-First mindset.

Primary focus areas for this position are the following:

Produce security architecture deliverables as part of initiatives related to cloud, endpoint, and networking

Partner with IT teams to design and deliver architectures to deliver on the zero-trust vision

Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation

Inspire team members and more junior staff to contribute new ideas and alternative approaches to problems

RESPONSIBILITIES:

Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers

Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners

Create IT security standards easily consumed by IT stakeholders

Build access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets mgt) and designs as part of initiatives to modernize the access management security posture

Evaluate the existing application security controls, on-premises and cloud, identify improvements, and build plans into the application security capability roadmap for implementation

Mentor junior security architects to enhance their security and architecture skills within the team

Maintain professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks

Create white papers and present in industry conferences to present thought leadership in the security field

Aligns risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalates appropriately

QUALIFICATIONS:

8-10 years of related experience

Master’s degree preferred

Strong Cybersecurity experience across network, application (web, API) & public/private cloud security architecture (web application firewalls, containers, etc.)

Experience in AWS/Azure cloud and DevOps including orchestration

Experience with zero trust architectures and concepts

Experience in architecting IAM sub-capabilities (authentication/authorization, user behavior analytics, provisioning)

Strong experience in identifying access management control gaps

Understanding of core cryptography concepts including PKI

Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks

Experience architecting automated data center processes, including provisioning, application, patch management, monitoring and alerting, capacity monitoring and planning, leveraging execution and human approval workflow design and implementation

Experience in OS security (Windows, Linux) and RDMS

Has strong communication skills with the ability to present in front of large audience

ABOUT: safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure, and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost, and bring stability and certainty to the post-trade lifecycle. DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.