IT Risk and Security Engineer

model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The impact you will have in this role:

The Machine Identity Governance associate is responsible for defining, implementing, and operating enterprise-wide governance for non-human identities, including applications, workloads, services, APIs, cloud resources, and devices. This role owns the strategy, policy, and lifecycle management of digital certificates, cryptographic keys, and related machine credentials across hybrid, multi-cloud, and on-premises environments.

Principal Responsibilities:

The associate's responsibilities, reporting to the Director of Machine Identity Governance, are as follows.

• Assist with end-to-end certificate lifecycle across the enterprise, including:

• Certificate request and issuance

• Renewal and rotation

• Revocation and decommissioning

• Support the execution of machine identity governance policies and standards for non-human identities

• Maintain and update inventories of machine identities, including certificates, keys, and service credentials

• Assist in identifying orphaned, expired, or misconfigured machine identities

• Monitor adherence to governance controls and escalate exceptions or risks

• Support audits, risk assessments, and compliance activities related to machine identities

• Document machine identity processes, standards, and operational procedures

• Coordinate with IAM, cloud, and application teams to ensure governance requirements are understood and followed

• Define and enforce certificate policies, including validity periods, cryptographic algorithms, key sizes, and usage constraints

• Maintain accurate certificate inventory records, including ownership, purpose, and expiration dates

• Identify and report at-risk certificates (expired, expiring soon, weak crypto, unknown owners)

• Assist with certificate, issuance requests and validation of required information

• Support certificate automation efforts by validating coverage and reporting gaps

Required Knowledge and Skills

• Foundational understanding of:

• Digital certificates (X.509)

• TLS/SSL concepts

• Machine-to-machine authentication

• Experience working with ticketing systems, inventories, or monitoring tools

• Strong attention to detail and ability to manage recurring operational tasks

• Ability to follow documented processes and escalate issues appropriately

• Understanding of IT risks and implications to the business.

• Strong potential for growth and acceptance of additional responsibilities

• Ability to prioritize, focus and execute tasks in a timely manner.

• Ability to work in a team-oriented, collaborative environment.

• Fluent both written and spoken English.

• Demonstrated ability to write report segments and to participate in presentations.

• Possess a balance of analytical problem solving ability, strong interpersonal and communication skills, attention to detail, and technical acumen.

Required Education, Training &/or Certification

• One or more information security or audit certifications (e.g., CISSP, CISM, CISA) is a plus.

• 2-5 years' experience: IT security, IAM, infrastructure, PKI, TLS certificates

• Bachelors' degree in Cybersecurity and/or related experience

Actual salary is determined based on the role, location, individual experience, skills, and other considerations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation

About Us

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at https://www.dtcc.com or connect with us on LinkedIn , X , YouTube , Facebook and Instagram .

DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Learn more about Clearance and Settlement by clicking here .

About the Team

IT Risk and Data Services department seeks to meet our clients' needs by capitalizing on the progress made in both the Risk Technology Program and the Data Analytics work and driving adoption of these capabilities across the enterprise. Important initiatives like the Modernization and Resiliency Programs count on these foundational capabilities to succeed.