Are you ready to make an impact at DTCC?
Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.
Pay and Benefits:
The Impact you will have in this role:
Being a member of IT Cybersecurity and Platform Strategy team, you will lead the design, governance, and implementation of enterprise Zero Trust Network Access (ZTNA) and Secure Service Edge (SSE) capabilities. This role is a hybrid of architecture leadership, governance oversight, and hands‑on technical engagement, supporting secure access modernization across a complex, regulated financial services environment.
Your Primary Responsibilities:
Architecture & Strategic Design
Define and maintain enterprise ZTNA and SSE target‑state architectures, roadmaps, and transition strategies aligned with DTCC security principles.
Establish and document Zero Trust architecture standards, including identity‑centric access, least‑privilege enforcement, continuous verification, and segmentation.
Develop and maintain architecture artifacts, including:
Reference architectures and solution patterns
High‑Level Designs (HLDs) and Low‑Level Designs (LLDs)
Architecture Decision Records (ADRs)
Serve as the design authority for secure access and connectivity initiatives.
Governance, Risk & Control Alignment
Translate enterprise security, regulatory, and risk requirements into enforceable architectural guardrails for ZTNA/SSE platforms.
Ensure access architectures support:
Policy consistency and traceability
Exception management and approvals
Periodic access reviews and recertification
Audit and regulatory evidence requirements
Participate in architecture review boards, security design reviews, and governance forums as the ZTNA/SSE subject‑matter expert.
Hands‑On Technical Leadership
Lead and actively participate in:
Platform design and configuration
Proof‑of‑concepts and pilot implementations
Migration initiatives (including VPN modernization)
Architect and guide implementation of SSE capabilities, including:
Zero Trust Network Access (ZTNA)
Secure Web Gateway (SWG)
Cloud Access Security Broker (CASB)
Firewall‑as‑a‑Service (FWaaS), where applicable
Integration with Data Loss Prevention (DLP) services
Design secure access models for:
Workforce access to internal and cloud‑hosted applications
Third‑party and vendor access
Privileged and high‑risk access scenarios
Multi‑Vendor Platform Architecture
Design and maintain solutions across a multi‑vendor ZTNA/SSE ecosystem, including:
Zscaler
Cisco security and secure access platforms
Akamai enterprise access and edge security services
Perform comparative technical evaluations and develop vendor‑neutral architectural decision frameworks.
Lead vendor engagements, technical deep dives, and roadmap assessments.
Operational Readiness & Continuous Improvement
Ensure operational integration with:
SIEM/SOAR platforms
Logging, telemetry, and monitoring systems
Incident detection and response workflows
Define and track access‑related KPIs and metrics, including:
Reduction in legacy VPN reliance
Application onboarding progress to ZTNA
Policy exception volumes
Access anomaly detection and response effectiveness
Drive continuous optimization of security posture, performance, and user experience.
NOTE: The Primary Responsibilities of this role are not limited to the details above.
Qualifications:
Talents Needed for Success:
Demonstrated experience designing and implementing Zero Trust architectures in large enterprise environments.
Strong expertise in:
Identity‑based access controls (SSO, MFA, conditional access)
Secure network and application connectivity concepts
Hybrid and cloud‑based access architectures
Experience integrating ZTNA/SSE platforms with:
Identity providers (e.g., Entra ID, Okta, Ping)
SIEM/SOAR solutions
Endpoint security and posture signals
Ability to operate effectively across strategy, governance, and hands‑on execution.
Preferred / Recommended Qualifications
Architecture and/or implementation experience with multiple of the following platforms:
Zscaler
Cisco security and networking platforms
Akamai enterprise security and access solutions
Familiarity with:
Software‑defined perimeter and segmentation strategies
TLS inspection, certificate management, and privacy considerations
SaaS governance and shadow IT risk controls
Professional certifications such as CISSP, CCSP, GIAC, or relevant vendor certifications preferred.
Key Competencies
Working Relationships
The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at www.dtcc.com or connect with us on LinkedIn, X, YouTube, Facebook and Instagram.
DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.
Learn more about Clearance and Settlement by clicking here.