Associate Director Privileged Access Management Engineering

Job Category:
Information Technology
Job Description: Are you ready to make an impact at DTCC? Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact.

We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

As a member of CISO team, The Associate Director, Privileged Access Management (PAM) leads the engineering and operational strategy for DTCC’s Privileged Access Management platforms. This role owns the PAM service lifecycle-design, implementation, and continuous improvement-ensuring secure, compliant, and efficient management of privileged credentials across hybrid environments. The leader will drive platform maturity, automation, and governance, partnering with Application, Cloud, Infrastructure and teams to embed PAM into Zero Trust architecture.

• Own PAM platform strategy and roadmap:
  Define architecture for PAM and future roadmap; ensure scalability, HA/DR, and integration with enterprise IAM and security controls.
• Drive platform maturity:
  Implement sophisticated capabilities (JIT access, session recording, credential vaulting, API integrations) and standardize onboarding of new systems.
• Governance & compliance:
  Establish policies for privileged account lifecycle, enforce password complexity and rotation, and ensure audit readiness for SOX, PCI, and internal controls.
• Automation & integration:
  Embed PAM into CI/CD pipelines and workflows; develop scripts and connectors for automated provisioning and session management.
• Operational excellence:
  Monitor PAM performance, lead incident response for privileged access breaches, and conduct root-cause analysis and remediation.
• Stakeholder engagement:
  Communicate platform health, roadmap, and risk posture to senior leadership; manage vendor relationships and licensing.
• Team leadership:
  Build and mentor a high-performing engineering team; set objectives, mentor on PAM standard processes, and foster continuous learning.
• Disaster recovery readiness:
  Participate in DR exercises and ensure PAM resilience in loss-of-region scenarios.

• Minimum of 8 years of related experience
• Bachelor’s degree preferred and/or equivalent experience

• 8 years in security/platform engineering or IAM, with 3 years leading engineering teams.
• Solid understanding of privileged account lifecycle, credential vaulting, and session management.
• Expertise in automation (Jenkins, Python, Groovy or equivalent) and integration with CI/CD and ITSM tools.
• Familiarity with Windows, Unix/Linux, Active Directory, and hybrid cloud environments.
• Understanding of regulatory compliance and audit processes in financial or highly regulated industries.

• Experience implementing and managing Bravura PAM or similar enterprise PAM solutions (e.g. Cyber Ark).
• Experience with Zero Trust architectures, API-based integrations, and sophisticated PAM features (JIT, ephemer...)
• Familiarity with cloud, Kubernetes, Open Shift platform and PAM integration patterns.
• Knowledge of risk frameworks and evidence automation for audits.

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while…