The job IT Security Engineer has been saved.Continue
Ready to apply?Please confirm your email to start the apply process.
The Job has been saved succesfully
IT Security Engineer posted by DTCC
Senior PKI Security Engineer - Chennai, TN, India
Are you ready to explore a world of possibilities?
Join our DTCC family, and you’ll grow your expertise and become the best version of you. As you embark on a new journey, you’ll be supported and surrounded by other professionals as you learn new skills, advance your career, and see the impact of your efforts every day.
Pay and Benefits:
Competitive compensation, including base pay and annual incentive
Comprehensive health and life insurance and well-being benefits, based on location
Paid Time Off and other leave of absence
Flexible/Hybrid Work Arrangements
Why you'll love this job
The Cybersecurity Services domain protects DTCC from cybersecurity risks through world class security architecture, engineering and governance practices. Enterprise Certification Management Services (ECMS) team under Cybersecurity Services drives and improves Public Key Infrastructure (PKI) and certificate management across the entire DTCC technology estate. The ECMS team partners with other DTCC technology teams to design and implement PKI automation and standard methodology across the company. The successful candidate is someone who has solid attention to detail, as well as motivation to collaborate and share their technical knowledge around automation and security standard methodologies.
The main focus areas for the ECMS team are:
Ensures accurate inventory of the certificates in use in our environment
Creates and manages automation and workflows relevant for certificate management
Supports technology teams across DTCC for all aspects of certificate life-cycle management (Discovery, Generation, Distribution, Rotation and Revocation)
Your Primary Responsibilities:
- Design processes and workflows for generation, rotation and revoking certificates
- Document PKI and certificate management guidance for the company
- Identify automation opportunities for certificate lifecycle
- Acts as the domain specialist to help guide and shape how certificate management services are enabled
- Design new certificate management services, integrations and technologies
- Develop and improve PKI/PKE best practices
- Problem solving and troubleshooting of complex issues
- Passion, drive, energy, a sense of humor and a great attitude
*Note: Responsibilities of this role are not limited to the details above*
Qualifications & talents needed for success
- Strong Information Security experience, specifically in PKI/Cryptography (on premise and cloud)
- Solid experience with Python, networking fundamentals, OS (Windows/Linux) security
- Solid working experience with Crypto room ceremonies, root certificate authority (CA) & certificate revocation lists (CRLs), HiPAM (Hitachi ID Privileged Access Manager)
- Expert level experience in SSL certificate management concepts, processes, and solution management
- Solid working experience with two or more vendors like Venafi, Thales, SafeNet HSM (Gemalto), DigiCert, Microsoft, Hashicorp
- PKI infrastructure experience with a strong understanding of PKI
- Experience and understanding of installation and management of Online Certificate Status Protocol (OCSP) infrastructure, Hardware Security Modules (HSM), CMS Enterprise, Venafi Trust Protection Platform, and Venafi TrustNet software suites
- Design and performance optimization for infrastructure and API in-depth knowledge of PKI elements; In-depth knowledge of Certificate Lifecycle Management
- Must be able to collaborate between product management, engineering and IT teams on PKI roadmap
- Experience in building Certificate Policy (CP) and Certificate Practice Statement (CPS)
- Strong technical writing skills to support required documentation
- Experience managing Infrastructure as Code using Ansible, Chef or similar configuration management tool and source code control systems such a GIT, SVN etc.
- Fluent in security & encryption terminology
- Keep up on current technologies and maintain awareness of industry trends and threats, focusing on PKI/PKE technologies
- Agile & Kanban methodologies
- Working knowledge of Jenkins and Chef would be a great plus
- Bachelor's degree required
- Minimum of 7 years of related experience
DTCC is the heart of the post-trade market infrastructure for the global financial services industry. From 21 locations all over the world, DTCC, through its subsidiaries, automates, centralizes and standardizes the processing of financial transactions, mitigating risk, increasing transparency and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. In 2020, DTCC’s subsidiaries processed securities transactions valued at more than U.S. $2.3 quadrillion.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.