More jobs:
Cyber Security Architect - ZTNA
Job in
Jersey City, Hudson County, New Jersey, 07390, USA
Listed on 2026-06-30
Listing for:
DTCC
Full Time
position Listed on 2026-06-30
Job specializations:
-
IT/Tech
Cybersecurity, Systems Engineer
Job Description & How to Apply Below
Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.
The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.
Pay and Benefits:
- Competitive compensation, including base pay and annual incentive
- Comprehensive health and life insurance and well-being benefits, based on location
- Pension / Retirement benefits
- Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
- DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).
Being a member of IT Cybersecurity and Platform Strategy team, you will lead the design, governance, and implementation of enterprise Zero Trust Network Access (ZTNA) and Secure Service Edge (SSE) capabilities. This role is a hybrid of architecture leadership, governance oversight, and hands-on technical engagement, supporting secure access modernization across a complex, regulated financial services environment.
Your Primary Responsibilities:
Architecture & Strategic Design
- Define and maintain enterprise ZTNA and SSE target-state architectures, roadmaps, and transition strategies aligned with DTCC security principles.
- Establish and document Zero Trust architecture standards, including identity-centric access, least-privilege enforcement, continuous verification, and segmentation.
- Develop and maintain architecture artifacts, including:
- Reference architectures and solution patterns
- High-Level Designs (HLDs) and Low-Level Designs (LLDs)
- Architecture Decision Records (ADRs)
- Serve as the design authority for secure access and connectivity initiatives.
- Translate enterprise security, regulatory, and risk requirements into enforceable architectural guardrails for ZTNA/SSE platforms.
- Ensure access architectures support:
- Policy consistency and traceability
- Exception management and approvals
- Periodic access reviews and recertification
- Audit and regulatory evidence requirements
- Participate in architecture review boards, security design reviews, and governance forums as the ZTNA/SSE subject-matter expert.
- Lead and actively participate in:
- Platform design and configuration
- Proof-of-concepts and pilot implementations
- Migration initiatives (including VPN modernization)
- Architect and guide implementation of SSE capabilities, including:
- Zero Trust Network Access (ZTNA)
- Secure Web Gateway (SWG)
- Cloud Access Security Broker (CASB)
- Firewall-as-a-Service (FWaaS), where applicable
- Integration with Data Loss Prevention (DLP) services
- Design secure access models for:
- Workforce access to internal and cloud-hosted applications
- Third-party and vendor access
- Privileged and high-risk access scenarios
- Design and maintain solutions across a multi-vendor ZTNA/SSE ecosystem, including:
- Zscaler
- Cisco security and secure access platforms
- Akamai enterprise access and edge security services
- Perform comparative technical evaluations and develop vendor-neutral architectural decision frameworks.
- Lead vendor engagements, technical deep dives, and roadmap assessments.
- Ensure operational integration with:
- SIEM/SOAR platforms
- Logging, telemetry, and monitoring systems
- Incident detection and response workflows
- Define and track access-related KPIs and metrics, including:
- Reduction in legacy VPN reliance
- Application onboarding progress to ZTNA
- Policy exception volumes
- Access anomaly detection and response effectiveness
- Drive continuous optimization of security posture, performance, and user experience.
*
* NOTE:
The Primary Responsibilities of this role are not limited to the details above. **
Qualifications:
- Bachelors' Degree and/or equivalent experience
- 8+ years of experience in cybersecurity architecture, network security, or security engineering roles.
- Demonstrated experience designing and implementing Zero Trust architectures in large enterprise environments.
- Strong expertise in:
- Identity-based access controls (SSO, MFA, conditional access)
- Secure network and application connectivity concepts
- Hybrid and cloud-based access architectures
- Experience integrating…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×