Principal Platform Engineer (Palo Alto Firewall)

Are you ready to make an impact at DTCC?   

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets.  We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact.  We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve. 

Pay and Benefits: 

• Competitive compensation, including base pay and annual incentive 
• Comprehensive health and life insurance and well-being benefits, based on location 
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. 
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).  

The impact you will have in this role: 

The Platform Hosting & Engineering role specializes in the development, implementation, and support of all distributed, mainframe, and network hosting services across the firm. Responsible for the installation, configuration, programming, and support of operating systems, sophisticated networks, and distributed environments, deploying solutions to increase overall system reliability across the firm.

Being a member of Network Services team for driving modifications, automation and/or process improvement through advising partners and product ownership of NextGen Firewalls, Intrusion Prevention Systems and Network Security Analytics.  You are someone who has solid attention to detail, as well as motivation to collaborate and share their technical knowledge in network security, analytics, telemetry, and security standard methodologies.  You will be SME in operations and project delivery, stabilization and reliability to the organization.  You will be supporting and implementing network security technologies and practices.  The Network Security Services team provides security to the production environment – automation, policy optimization, process improvement and product ownership/life-cycle management in the firewall space. 

 Your Primary Responsibilities: 

• The Principal Platform Engineer (Firewall) will be responsible for providing third level support in the firewall project and operations arena. 
• The Engineer must have hands-on experience with the ability to provide comprehensive technical consultation to business unit, IT management and staff at the highest technical level on all phases of the project development cycle. Be capable of solving sophisticated Network/Collaboration/Security technology issues and respond if called into a Severity Production outage.
• Responsible for supporting the implementation of new systems, upgrades and modification. Will also participate in planning, testing, coordinating and scheduling. Will ensure that change management and defined security procedures for all assigned systems are executed in accordance with client policies and procedures 
• Minimizes client service interruptions through early identification and resolution of problems. Analyzes monitoring and maintenance data and implements changes as required to achieve optimum performance. Makes and implement recommendations for resources required to maintain and/or expand service levels. 
• Extensive interfacing, collaboration, and coordination of efforts with vendors and other departments in the company. 
• Provide training to 1st Level NOC staff and Level 1-2 Engineers as needed. 
• Must be flexible and available to provide off-hours support when required and in some cases, be a part of 24/7 on-call rotation. 
• Mitigates risk by following established procedures and supervising controls, spotting key errors and demonstrating strong ethical behavior.

Talents Needed for Success: 

• Minimum of 8 years in IT working in complex high reliability global environments. 
• Minimum of 7 years of experience in Palo Alto’s firewall and 5 years of experience in Checkpoint firewalls. Equivalent of vendor certification is accepted provided that other firewall experience has also been contained (ie. Fortinet/CiscoASA/Juniper)
• Hands-on experience in migrating Checkpoint firewalls to Palo Alto will minimal interruption and high availability and reliability architect. 
• Experience of Palo Alto technologies is a plus: Identity Base, XSOAR, Panorama, Minemeld and Threat Prevention, DNS Security, URL Filtering or Wildfire.
• Minimum of 8 years of experience in networking or network security on the following technologies: routing protocols (OSPF, BGP), VLANS, High Availability architect, VRF’s, IPSEC, policy enforcement IPS, DNS, Network Segmentation and DDOS.  Private/Public is a plus. 
• Proficient in Troubleshooting (TCPDUMP, FWMONITOR, ZDEBUG), analyzing sniffer and packet captures
• Work experience on Load-balancers, Proxies, Wireless and Cisco ISE technologies is a plus.
• Strong VLAN, routing protocols, policy enforcement and security analysis
• Strong project management and leadership skills 
• Familiarity with ITSM – Request Management, Change Management, Incident Management and Problem Management 
• Knowledge and expertise in disaster recovery exercises 
• Familiarity with Automation and Monitoring tools: HPNA, QRADAR, CAPM, NETIM and ALGOSEC.
• Microsoft office applications: PowerPoint, Word, Excel, Visio
• Compliance and Audit experience would be a plus

Actual salary is determined based on the role, location, individual experience, skills, and other considerations.We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

DTCC safeguards the financial markets and helps them run efficiently, in times of prosperity and crisis. We are uniquely positioned at the center of global trading activity, processing over 100 million financial transactions every day, pioneering industry-wide, post-trade solutions and maintaining multiple data and operating centers worldwide. From where we stand, we can anticipate the industry’s needs and we’re working to continually improve the world’s most resilient, secure and efficient market infrastructure. Our employees are driven to deliver innovative technologies that improve efficiency, lower cost and bring stability and certainty to the post-trade lifecycle.
DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork.  When you join our team, you’ll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It’s the chance to make a difference at a company that’s truly one of a kind.

Learn more about Clearance and Settlement by clicking here.