Job Description
About the position
Are you ready to make an impact at DTCC?
Do you want to work on innovative projects, collaborate with a dynamic and
supportive team, and receive investment in your professional development? At
DTCC, we are at the forefront of innovation in the financial markets. We are
committed to helping our employees grow and succeed. We believe that you have
the skills and drive to make a real impact. We foster a thriving internal
community and are committed to creating a workplace that looks like the world
that we serve.
The Information Technology group delivers secure, reliable technology solutions
that enable DTCC to be the trusted infrastructure of the global capital markets.
The team delivers high-quality information through activities that include
development of essential, building infrastructure capabilities to meet client
needs and implementing data standards and governance.
The Impact you will have in this role:
Being a member of CISO team, as a Principal Security Engineer â Network & WAF,
you will serve as the handsâon technical lead and subjectâmatter expert for
Akamai edge security at DTCC. You will own the architecture, deployment, tuning,
and ongoing optimization of Akamai WAF solutions protecting DTCCâs
internetâfacing applications.
You will play a critical role in strengthening DTCCâs Zero Trust Network
Security posture, reducing applicationâlayer risk, improving signal quality, and
ensuring secure, scalable delivery of web services in a highly regulated
environment.
This role is ideal for a seniorâlevel engineer who thrives in deep technical
ownership, complex problemâsolving, and crossâfunctional collaboration.
- Responsibilities
- Lead the architecture, deployment, lifecycle management, and advanced tuningof Akamai WAF solutionsto protect DTCC web applications across on-prem andcloud environments.
- Serve as the enterprise Akamai WAF subject matter expert, providing strategicand hands-on leadership forKona Site Defender, Adaptive Security Engine, BotManager, API Security, and Client Reputationcapabilities.
- Act as the Akamai WAF technical lead and escalation point, owning end-to-endpolicy design, staging validation, production rollout, exception handling,and continuous optimization.
- Design and maintain custom Akamai WAF rules, rate controls, bot mitigationstrategies, and API protection policiesto address evolving threat patternswhile minimizing false positives.
- Drive secure onboarding of applications into Akamai, including trafficprofiling, baseline creation, phased enforcement, and post deploymenttuning.
- Lead WAF observability and metrics, including alerting strategy, loganalysis, SIEM integration, and executive level reporting on risk reductionand control effectiveness.
- Partner closely with Security Architecture and the Cyber Threat FusionCenterto:
- Identify application and perimeter security gaps
- Improve existing Akamai and network security controls
- Design, implement, and operate Zero Trust aligned perimeter and edgesecurity capabilities
- Develop and maintain security standards, reference architectures, policies,procedures, and technical documentationrelated to Akamai WAF, IDS/IPS, andnetwork perimeter security.
- Analyze security alerts and events, perform deep root cause analysis, andrecommend effective mitigation and remediation strategies across Akamai andnetwork controls.
- Identify and drive automation opportunities(Akamai APIs, CI/CD integrations,IaC, policy templates) to improve operational efficiency, reduce manualeffort, and enhance detection and response.
- Provide mentorship and technical leadershipto security engineers, settingbest practices for Akamai WAF operations and incident response.
- Requirements
- Bachelor's degree and/or equivalent experience
- Minimum 8 years of Cybersecurity related experience with a strong focus on network and perimeter security
- 10+ years of handsâon cybersecurity engineering experience, with deep expertise inNetwork Security and Zero Trust architectures.
- Strong, handsâon experience with Akamai, including: WAF policy design and tuning
- CDN and edge security concepts
- Managing false positives and rule customization
- Solid understanding of cloud and SaaS security controls, includingAzure ADand Azureenvironments.
- Strong knowledge of network protocols and web architectures, including DNS,TCP/IP, HTTP/S, and firewall technologies.
- Experience working with SIEM tools, packet analysis, and security eventinvestigation.
- Proven ability to work independently as a senior technical lead while collaborating effectively with crossâfunctional stakeholders.
- Strong analytical, criticalâthinking, and problemâsolving skills.
- Excellent communication skills with the ability to explain complex security concepts clearly.
- Nice-to-haves
- Industry certifications such as CISSPor other relevant cybersecuritycertifications are preferred.
- Benefits
- Competitive compensation, including base pay and annual incentive
- Comprehensive health and life insurance and well-being benefits, based on location
- Pension / Retirement benefits
- Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
- DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team oremployee).
Apply tot his job
Apply To this Job