Principal Software Engineer (Identity & Access Management)

    • Chennai, India

About this Opportunity

The Principal Software Engineer (Identity & Access Management) role is a strong technical leader in Privileged Access Management, Identity & Access Management technologies and application and data security concepts; utilizes technical and organizational skills in order to implement a wide range of systems and platforms.

This role is responsible for working directly across multiple teams, management levels, subject matter experts, and business groups to enable approaches to risk-based information security initiatives; manage information security risks, assessments, and delivers solutions to reduce IT security related risks. The ideal candidate will have technical experience with implementing complex integrations, while communicating with multiple stakeholders throughout a project's life cycle.

Business Unit: Information Technology

The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

Department: Application Development

AD delivers solutions that respond to the business needs of the global capital markets with quality, efficiency, and excellence, using innovative technologies and providing secure information management.

The Identity and Access Management Tools within Application Development delivers secure, reliable technology solutions that ensures access to DTCC information assets is available only to those persons and systems legitimately given authority to do so. It looks to achieve these goals by supporting the systems that enforce Privileged Access Management and IAM policies, centralizing access requests, implementing policy bases access management, role oriented methodology, automating access provisioning/de-provisioning, system to system integrations and simplifying and strengthening authentication and authorizations.

Specific responsibilities

  • Participates from the early stages of an initiative, working with business development and product management, to analyze the overall business problem and objectives and to develop requirements to meet those objectives
  • Serves as a key member of the Privileged Access Management implementation team, providing leadership in detailed design architecture and implementation analysis that will identify requirements related to people, processes and technology Implements Hitachi-ID PAM integrations with a variety of technology platforms (Mainframe, Distributed and Cloud) and applications; automate onboarding and management of accounts
  • Implements automation through PAMUtil and other available APIs, implements custom solutions in Hitachi Password Manager and IDM products, and other identity and access management systems
• Ensures physical data model supports the performance, privacy and security requirements
• Designs Frameworks that promote concepts of isolation, extensibility, and extendibility
  • Design, develop, code, test, configure, debug software to ensure that the software meets the needs of end-users and achieves business goals
  • Modifying HTML+CSS+JS user interfaces; reviewing product usability; unit, regression and stress tests
  • Planning and executing product upgrades
  • Understand industry-specific best practices & standards and applicability to DTCC systems.
  • Provide technical guidance to development teams and oversee the technical aspects
  • mapping data between systems and automating data flows
  • Improve the performance of existing software
  • Provide training to other Software Engineers
  • Maintain and upgrading existing software
  • Recommend new technologies that can help increase productivity
  • Supervise and oversee the technical aspects of all projects
  • Investigate software-related complaints and making necessary adjustments to ensure optimal software performance
  • Regularly attend team meetings to discuss projects, brainstorm
  • Ability to configure and manage most of the following systems :
    • Hitachi-ID Systems (HiPAM, HiPM and IDM)
    • HashiCorp, PING, AWS IAM
    • Windows servers Unix/Linux systems IIS or Apache (including writing HTML, CSS) Active Directory or LDAP, ISAM MSSQL, Oracle or MySQL (including writing SQL queries)
    • Networks (IP routing, TCP filters)
    • RSA Secure ID, RSA IGL
    • HashiCorp, PING, AWS IAM


  • 10+ years' overall experience in IT with emphasis on privileged and identity & access management, preferably in Financial Services systems and operations,
  • 6+ years' experience in application development & programming
  • 3+ years security architect/technical lead
  • Bachelor's degree in technical discipline or related field
  • CISSP or CISM certification is a major plus

Specific Skills

Relevant experience in the following areas:
    Strong analytical skills Excellent verbal and written communication skills Excellent organizational and leadership skills Proven experience in software development methodologies Proven experience building complex system integrations Strong knowledge of Security and Privacy Risks Maintains professional and technical knowledge by participating in continuing education; reviewing professional Experience with third-party/vendor tools

    Privileged Access Management - HiPAM, HashiCorp Vault, AWS Secrets, RACF Identity and Access Management - RSA IGL Proven experience in programming languages like Python, PowerShell, Perl, PHP, Shell Script, API, Java and JavaScript Cloud IAM - AWS Identity and Access Management (IAM), Azure AzureAD Zero Trust modeling - BeyondCorp, Palo Alto, etc. Attribute and Policy Based Access Management (PBAC) - PlainID or Axiomatics Network based IA & VPN - Palo Alto User-ID, App-ID, CheckPoint IA, Junos Pulse VPN, etc. Security Proxies - (NetScaler, Bluecoat, ZScaler, F5, Akamai)
  • Information security policies, standards, industry best practices, and frameworks (NIST 800-53, NIST CSF, HITRUST, ISO 27K, etc.)

Who We Are

With over 45 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From operating facilities, data centers and offices in 16 countries, DTCC, through its subsidiaries, automates, centralizes and standardizes the processing of financial transactions, mitigating risk, increasing transparency and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm simplifies the complexities of clearing, settlement, asset servicing, data management, data reporting and information services across asset classes, bringing increased security and soundness to financial markets. In 2018, DTCC's subsidiaries processed securities transactions valued at more than U.S. $1.85 quadrillion. Its depository provides custody and asset servicing for securities issues from 170 countries and territories valued at U.S. $52.2 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes over 14 billion messages annually. To learn more, please visit us at or connect with us on LinkedIn, Twitter, YouTube and Facebook.

DTCC employees work at the center of the world’s financial markets, bringing both innovation and stability to the entire post-trade lifecycle.

DTCC Company Image

Back to top