Job Description

The Impact You Will Have in This Role

As the Principal DevOps Engineering Manager within DTCC's Technology Research & Innovation (TRI) team, you will play a critical role in Web3 infrastructure by designing, scaling, and operationalizing secure-by-default cloud platforms and delivery pipelines that enable teams to move fast without compromising controls. You will lead the strategy and execution for building automated, resilient, and compliant cloud environments while valuing multi-cloud perspective by partnering with cloud engineering, application teams, architecture, risk, and security stakeholders to define clear standards, embed security automation into the software delivery lifecycle, and drive adoption of infrastructure-as-code (IaC) and cloud-native patterns. In this role, you will help TRI accelerate delivery by implementing repeatable, policy-aligned automation across provisioning, identity, monitoring, and vulnerability management, strengthening DTCC's cloud posture while enabling scalable innovation and reliable execution.

Your Primary Responsibilities

• Design, implement, and manage secure, automated Azure environments using Terraform, Bicep, and DevSecOps best practices
• Build and deploy workloads to Azure subscriptions, leveraging services such as Azure Resource Manager, Azure Policy, and Microsoft Defender for Cloud
• Integrate security controls into CI/CD pipelines and automate infrastructure provisioning and policy enforcement
• Collaborate with development, security, and operations teams to implement security by design across all stages of the SDLC
• Conduct regular system audits and security reviews, ensuring compliance with best practices.
• Develop and maintain comprehensive technical documentation and best practices.
• Develop and maintain reusable infrastructure modules and tooling in at least one popular programming language (e.g., Python, Go, TypeScript, Java)
• Provide subject matter expertise on core Azure services, including compute, networking, storage, identity, and governance
• Support and enhance landing zones such as Azure Landing Zones or custom-built governance frameworks
• Evaluate and integrate Cloud-Native Application Protection Platforms (CNAPP) such as Wiz, as part of the security toolchain
• Collaborate using GitHub for source control and automation workflows (e.g., GitHub Actions)
• Work cross-functionally with teams operating in hybrid or multi-cloud environments including AWS and Microsoft Entra ID
• Contribute to incident response, security auditing, and compliance initiatives as needed
• Leverage Azure DevOps for pipeline orchestration, release management, and integrated development workflows
• Identify and mitigate risks by adhering to established procedures and controls
• Engage with external vendors for support, architecture reviews, licensing, and issue resolution
• Identify and mitigate risks by adhering to established procedures and controls

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications

• Minimum 8 years of experience in DevOps, Cloud Engineering, or related roles with a focus on Azure or AWS
• Bachelor's degree (preferred) or equivalent experience
• Strong hands-on experience with Terraform and Bicep (or CloudFormation for Azure or AWS)
• Proficiency in at least one modern programming language (e.g., Python, Go, TypeScript, or Java)
• Deep understanding of Azure core services (e.g., Azure VMs, VNet, Azure AD, Key Vault, Storage, Functions) and/or AWS equivalents
• Experience with CI/CD tools and secure software development practices
• Strong knowledge of networking, IAM policies, and cloud-native security controls
• Familiarity with Git-based workflows and DevOps tooling (e.g., GitHub Actions, GitLab CI/CD)
• Experience with Azure DevOps for build/release pipelines and integrated project tracking
• Demonstrated ability in people management leading a team of high performing engineers with proven hands-on staff performance management and mentoring

Talents Needed for Success

• Hands-on experience with Azure Landing Zones, Azure Policy, and Microsoft Entra ID (Azure AD)
• Exposure to AWS Control Tower, Landing Zones, and AWS Organizations
• Experience with CNAPP tools such as Wiz, Palo Alto Prisma Cloud, or Orca Security
• Azure Certifications (e.g., Azure Solutions Architect, Security Engineer, DevOps Engineer) are a strong plus
• Familiarity with compliance frameworks (e.g., CIS, NIST, ISO 27001) as applied in cloud environments
• Experience with Distributed Ledger Technology (DLT) platforms or blockchain frameworks is a plus

The salary range is indicative for roles at the same level within DTCC across all US locations. Actual salary is determined based on the role, location, individual experience, skills, and other considerations.

About the Team

Serves as a dedicated technology resource for advancing DTCC's business opportunities and providing industry thought leadership for leveraging new technology. The goal of this new department is to partner internally with IT, our business and regulatory divisions and externally with clients, regulators, and fintech vendors, to help build new platforms and business models to advance DTCC's mission to support the financial markets.