Principal Security Architect

Principal Security Architect

Are you ready to make an impact at DTCC? Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

The Principal Security Architect is a key leadership role within DTCC's Cybersecurity Architecture organization, responsible for shaping and driving the firm's cloud‑first security strategy as DTCC continues its transition from on‑premise platforms to public cloud services.

This role is highly visible and influential, partnering closely with senior IT and business leaders to ensure that security is embedded by design across modernized platforms, cloud services, and enterprise technologies. The Senior Principal Security Architect serves as a trusted advisor and authoritative voice on security architecture decisions, guiding DTCC's long‑term security posture in a highly regulated environment.

This is a strategy‑ and architecture‑focused role, not a hands‑on engineering position, and is ideal for a seasoned security leader who excels at setting direction, influencing outcomes, and leading through collaboration in complex enterprise environments.

Your Primary Responsibilities :

Cloud Security Architecture & Strategy

• Lead the design, evolution, and governance of DTCC's cloud security architecture, with a strong emphasis on AWS‑based platforms and cloud‑first initiatives.
• Define, maintain, and socialize security architecture patterns, reference architectures, and standards that enable secure, scalable cloud adoption.
• Establish and uphold a strong security posture for cloud‑based applications and services, ensuring alignment with DTCC's enterprise risk, regulatory, and compliance expectations.
• Bridge domain and solution architecture, providing architectural leadership in environments where these responsibilities may otherwise be separated.
• Evaluate emerging security capabilities, technologies, and products in partnership with Cybersecurity, Cloud Delivery, and IT Architecture teams.

Stakeholder Partnership

• Act as a trusted security advisor to IT and business stakeholders, including Executive Directors and Managing Directors, influencing security outcomes across strategic initiatives.
• Collaborate closely with partner organizations—including Cloud Delivery, IT Architecture, and Cybersecurity Engineering—to support enterprise modernization efforts.
• Translate complex security and architectural concepts into clear, actionable guidance for both technical and non‑technical audiences.

People Leadership

• Lead, mentor, and develop a team of 3–5 Security Architects, balancing coaching with accountability for high‑quality architectural outcomes.
• Provide strategic direction and prioritization for the team's work across architecture design, standards development, and architecture review activities.
• Foster a culture of security‑first thinking, strong communication, and continuous improvement.

Role Focus & Evolution

• The role initially balances approximately 50% strategy and 50% architecture/design, with scope evolving toward broader enterprise influence, tactical strategy, and operational oversight.
• This position does not involve hands‑on configuration or direct implementation within cloud environments, but requires deep technical expertise to guide decisions, influence delivery teams, and provide architectural governance.

Qualifications

• Bachelor's or master's degree in computer science, Information Security, or related discipline.
• 8 years of experience in cybersecurity architecture, cloud security, or enterprise security design, with significant depth in cloud security architecture across AWS and Azure environments.

Talent Needed for Success

• Proven experience providing security architecture leadership in large, complex, and highly regulated enterprise environments.
• Demonstrated experience leading and developing senior technical professionals or security architects, with accountability for architectural quality and outcomes.
• Strong background supporting cloud‑first security initiatives, with AWS experience strongly preferred.

Architecture & Security Expertise

• Deep knowledge of security frameworks, standards, and regulatory requirements, including NIST, ISO, and CIS benchmarks.
• Proven ability to define target‑state security architectures, develop multi‑year roadmaps, and deliver enterprise‑scale architectural designs.
• Advanced understanding of cloud security services and controls, including IAM, encryption, monitoring, logging, and incident response in cloud environments.
• Experience embedding security architecture into DevSecOps models, including CI/CD pipelines and cloud‑native security tooling.
• Demonstrated expertise in one or more security domains, such as:
• Application Security
• Identity & Access Management (IAM)
• Data Protection & Encryption

Leadership & Influence

• Strong architectural mindset, with the ability to balance strategic vision and practical design guidance.
• Exceptional communication and stakeholder management skills, with the ability to influence and advise senior technical and business leaders.
• Proven ability to translate complex technical and security concepts into clear, actionable guidance for business and non‑technical audiences.
• Comfortable operating in a non‑hands‑on, architecture‑centric role, guiding delivery teams through influence rather than direct implementation.
• Ability to work both independently and collaboratively within highly matrixed, multidisciplinary teams.

Certifications & Additional Skills

• Preferred industry certifications include AWS Certified Security – Specialty, Azure Security Engineer Associate, CISSP, SABSA, or equivalent credentials.
• Familiarity with blockchain technologies is considered an advantage but is not required.