JOB DESCRIPTION
Are you ready to make an impact at DTCC
Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.
Pay and Benefits:
- Competitive compensation, including base pay and annual incentive
- Comprehensive health and life insurance and well-being benefits, based on location
- Pension / Retirement benefits
- Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
- DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).
Key Responsibilities
- Design, implement, and enhance enterprise‑wide systems to discover, inventory, and track certificates, cryptographic keys, and crypto protocols across servers, endpoints, applications, and network devices.
- Supporting cryptographic asset discovery and Cryptographic Bill of Materials (CBOM) inventory activities across applications, infrastructure, and endpoints.
- Assisting in identifying cryptographic algorithms, key sizes, and certificate attributes relevant for Post Quantum Cryptography (PQC) readiness assessments.
- Collaborating with application and security teams to validate crypto metadata used for CBOM reporting and risk analysis.
- Request intake, issuance, renewal, revocation, rotation, and expiry governance.
- Lead SSL/TLS certificate installation, configuration, and troubleshooting across servers, applications, APIs, load balancers, and cloud platforms.
- Proactively monitor certificate health, enforce renewal SLAs, and prevent service disruptions due to crypto failures.
- Support and optimize enterprise Certificate Authorities (internal & external) and certificate management platforms.
- Apply strong hands‑on knowledge of cryptographic algorithms and controls:
- Symmetric encryption: AES (legacy awareness of 3DES)
- Asymmetric encryption: RSA, ECC
- Hashing algorithms: SHA‑256 / SHA‑3
- Digital signatures, key exchange, and MACs
- Contribute to HSM integration and key protection strategies, with hands‑on or advanced conceptual exposure.
Key Skills
- CBOM Data Quality (PQC Support): Accurate capture of crypto algorithms, key parameters, and certificate metadata.
- Inventory Coverage: High percentage of endpoints, applications, and servers accurately tracked.
- Certificate Lifecycle Compliance: Zero unplanned outages due to expired or misconfigured certificates.
- Data Accuracy & Integrity: Reliable, audit‑ready crypto asset records.
- Operational Excellence: Reduction in manual interventions and incident recurrence.
- Reporting & Audit Readiness: Timely delivery of executive and audit reports.
- Stakeholder Enablement: Adoption and effective usage of crypto dashboards and reports.
Qualifications:
- Minimum of 4 years of related experience
- Bachelor's degree preferred or equivalent experience
Talents Needed for Success:
- Strong and practical expertise in PKI concepts (certificates, trust chains, CA hierarchies).
- Working awareness of PQC concepts and crypto‑agility, with the ability to support CBOM inventory efforts.
- Deep understanding of applied cryptography and enterprise security controls.
- Hands‑on experience with PKI architecture, certificate lifecycle operations, and troubleshooting.
- Proven experience supporting security operations, application security, infrastructure security, or IAM teams.
- Exposure to HSMs, key management, and secure key storage practices.
ABOUT THE TEAM
IT Risk and Data Services department seeks to meet our clients needs by capitalizing on the progress made in both the Risk Technology Program and the Data Analytics work and driving adoption of these capabilities across the enterprise. Important initiatives like the Modernization and Resiliency Programs count on these foundational capabilities to succeed.
