Pay Growth
?
out of 5
Not enough data
Not enough info to score pay or growth
Lead Privileged Access Management (PAM) Engineer
Job
The Depository Trust & Clearing Corporation (DTCC)
Hoboken, NJ (In Person)
Full-Time
Review key factors to help you decide if the role fits your goals.
Job Security
?
out of 5
Not enough data
Calculating job security score...
Total Score
100
out of 100
Average of individual scores
Skill Insights
Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
Lead Privileged Access Management (PAM) Engineer at The Depository Trust & Clearing Corporation (DTCC) Lead Privileged Access Management (PAM) Engineer at The Depository Trust & Clearing Corporation (DTCC) in Hoboken, New Jersey Posted in 1 day ago.
DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employe e). The Impact you will have in this r ole:
Bein g a Senior / Lead Engineer within the CISO organiza tion, you will serve a s a technical authority for DTCC's Privileged Access Management (PAM) platf orms. You will design, build, and operate highly available, secure PAM services across hybrid environments, ensuring privileged access is controlled, observable, and resili ent.
This role plays a critical part in advancing Zero Trust principles by embedding PAM into infrastructure, cloud, and application workflows. You will lead by example-owning production outcomes, driving automation, and ensuring the platform is observable, auditable, and operationally so und.
Drive platform mat urity: Implement sophisticated capabilities (JIT access, session recording, credential vaulting, API integrations) and standardize onboarding of new sys tems.
Implement and main tain end-to-end observab ility for PAM platforms using monitoring, logging, and alerting tools (e.g., Splunk, Prometheus, Grafana, or equival ent).Governance & compl iance: Establish policies for privileged account lifecycle, enforce password complexity and rotation, and ensure audit readiness for SOX, PCI, and internal cont rols.
Automation & integr ation: Embed PAM into CI/CD pipelines and workflows; develop scripts and connectors for automated provisioning and session manage ment.
Operational excel lence: Monitor PAM performance, lead incident response for privileged access breaches, and conduct root-cause analysis and remedia tion.
Stakeholder engag ement: Communicate platform health, roadmap, and risk posture to senior leadership; manage vendor relationships and licen sing.
Act as a m entor for other engineers-reviewing designs, code, and operational pract ices.
Disaster recovery read iness: Participate in DR exercises and ensure PAM resilience in loss-of-region scena rios.•
Minimum of 6 years of related expe rienceBachelor's degree preferred and/or equivalent expe rienceTalents Needed for Su ccess:6+ years in security/platform engineering or IAMSolid understandi ng of privileged account lif ecycle, credential vaulting, and session manag ement.
Experti se in auto mation (Jenkins, Python, Groovy or equivalent) and integration with CI /CD a.
Familiarity with Windows, Unix/Linux, Active Dir ectory, and hybrid cloud environ ments.
Understandi ng of regulatory comp liance and audit processes in financial or highly regulated indus tries.
Preferred Qualific ationsExperience implementing and managing Br avu ra PAM or similar enterprise PAM solutions (e.g. Cybe rArk).Experience with Zero Trust archite ct ures, API-based integr ations, and sophisticated PAM features (JIT, ephemeral credent ials).Familiarity with cloud, Kubernetes, OpenShift platform and PAM integration pat terns.
Knowled ge of risk fram eworks and evidence automation for a udits.
The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommod ation.
Type:
full-timeJob Description:
Are you ready to make an impact at DTCC? Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governanc e.Pay and Benefi ts:
Competitive compensation, including base pay and annual incent iveComprehensive health and life insurance and well-being benefits, based on locat ionPension / Retirement benef itsPaid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-bei ng.DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employe e). The Impact you will have in this r ole:
Bein g a Senior / Lead Engineer within the CISO organiza tion, you will serve a s a technical authority for DTCC's Privileged Access Management (PAM) platf orms. You will design, build, and operate highly available, secure PAM services across hybrid environments, ensuring privileged access is controlled, observable, and resili ent.
This role plays a critical part in advancing Zero Trust principles by embedding PAM into infrastructure, cloud, and application workflows. You will lead by example-owning production outcomes, driving automation, and ensuring the platform is observable, auditable, and operationally so und.
Your Primary Responsibili ties:
Design and evolve PAM platform architecture with a focu s on scalability, resilience (HA/DR), and security-by-d e sign.Drive platform mat urity: Implement sophisticated capabilities (JIT access, session recording, credential vaulting, API integrations) and standardize onboarding of new sys tems.
Implement and main tain end-to-end observab ility for PAM platforms using monitoring, logging, and alerting tools (e.g., Splunk, Prometheus, Grafana, or equival ent).Governance & compl iance: Establish policies for privileged account lifecycle, enforce password complexity and rotation, and ensure audit readiness for SOX, PCI, and internal cont rols.
Automation & integr ation: Embed PAM into CI/CD pipelines and workflows; develop scripts and connectors for automated provisioning and session manage ment.
Operational excel lence: Monitor PAM performance, lead incident response for privileged access breaches, and conduct root-cause analysis and remedia tion.
Stakeholder engag ement: Communicate platform health, roadmap, and risk posture to senior leadership; manage vendor relationships and licen sing.
Act as a m entor for other engineers-reviewing designs, code, and operational pract ices.
Disaster recovery read iness: Participate in DR exercises and ensure PAM resilience in loss-of-region scena rios.•
NOTE:
The Primary Responsibilities of this role are not limited to the details above . •Qualifica tions:Minimum of 6 years of related expe rienceBachelor's degree preferred and/or equivalent expe rienceTalents Needed for Su ccess:6+ years in security/platform engineering or IAMSolid understandi ng of privileged account lif ecycle, credential vaulting, and session manag ement.
Experti se in auto mation (Jenkins, Python, Groovy or equivalent) and integration with CI /CD a.
Familiarity with Windows, Unix/Linux, Active Dir ectory, and hybrid cloud environ ments.
Understandi ng of regulatory comp liance and audit processes in financial or highly regulated indus tries.
Preferred Qualific ationsExperience implementing and managing Br avu ra PAM or similar enterprise PAM solutions (e.g. Cybe rArk).Experience with Zero Trust archite ct ures, API-based integr ations, and sophisticated PAM features (JIT, ephemeral credent ials).Familiarity with cloud, Kubernetes, OpenShift platform and PAM integration pat terns.
Knowled ge of risk fram eworks and evidence automation for a udits.
The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommod ation.