Principal AI Security Automation Engineer

The Depository Trust & Clearing Corporation
Jersey City, United States of America
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Jersey City, United States of America

Tech stack

API
Artificial Intelligence
Amazon Web Services (AWS)
JIRA
Burp Suite
Cloud Computing Security
Continuous Integration
Github
Identity and Access Management
Python
Maven
Openshift
Open Web Application Security
Systems Development Life Cycle
Secure Coding
Software Engineering
SonarQube
Systems Integration
Software Vulnerability Management
Policy as Code
Large Language Models
Software Security
Veracode
GIT
Event Driven Architecture
Containerization
Kubernetes
Bitbucket
REST
Devsecops
Api Management
Docker
Security Orchestration, Automation & Response
Jenkins
Static Application Security Testing
Dynamic Application Security Testing

Job description

  • Design and implement automation workflows supporting AI-powered vulnerability discovery and remediation.
  • Develop integrations between AI scanning platforms, security tools and SDLC platforms.
  • Build and maintain findings ingestion, normalization and enrichment pipelines.
  • Integrate AI scanning outputs into ASPM, vulnerability management and developer workflows.
  • Develop automated triage, prioritization and remediation orchestration capabilities.
  • Create dashboards, metrics and reporting capabilities supporting security decision-making.
  • Build APIs and automation services connecting security tooling across the enterprise.
  • Partner with AppSec, Vulnerability Operations and Development teams to operationalize findings.
  • Improve scanning efficiency through workflow optimization and intelligent automation.
  • Support secure deployment and operation of AI-based security capabilities.
  • Contribute to governance, auditability and operational controls for AI-driven security processes.
  • Evaluate emerging AI security technologies and identify opportunities for automation.

Requirements

  • Minimum of 8 years of related experience
  • Bachelor's degree preferred and/or equivalent experience

Talents Needed for Success:

  • 6+ years of software engineering, DevSecOps, Application Security, or security automation experience
  • Strong hands-on development experience in Python, with the ability to develop production-grade security tooling, automation frameworks, and integrations
  • Experience designing and operating application security tooling including SAST, DAST, SCA, secrets scanning, ASPM, or vulnerability management platforms
  • Experience integrating security controls into CI/CD pipelines and developer workflows
  • Strong understanding of secure software development practices, OWASP Top 10, secure coding, threat modelling, and vulnerability remediation
  • Experience developing API integrations using REST APIs, SDKs, and event-driven architectures
  • Experience working with AI/LLM platforms such as Claude, OpenAI, Bedrock, or similar
  • Experience building automated workflows for vulnerability discovery, triage, prioritization, and remediation
  • Experience with containerized environments using Docker, Kubernetes, and OpenShift
  • Familiarity with AWS security services, IAM, Security Hub, GuardDuty, and cloud-native security controls
  • Experience with CI/CD and SDLC tooling including Git, Bitbucket, Jira, Jenkins, GitHub Actions, Maven, and related platforms
  • Understanding of AI security risks including prompt injection, model abuse, AI supply chain security, and agent security
  • Experience working in Agile delivery environments, * CISSP, TAISE, OSCP, CSSLP, or similar certifications
  • Experience with Apiiro, Veracode, SonarQube, Semgrep, Burp Suite, or comparable security platforms
  • Experience implementing policy-as-code or security guardrails within engineering platforms
  • Experience supporting enterprise-scale vulnerability management programmers

Benefits & conditions

Full time

Are you ready to make an impact at DTCC? Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential, building infrastructure capabilities to meet client needs and implementing data standards and governance.

Pay and Benefits:

  • Competitive compensation, including base pay and annual incentive
  • Comprehensive health and life insurance and well-being benefits, based on location
  • Pension / Retirement benefits
  • Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
  • DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

About the company

With over 50 years of experience, DTCC is the premier post-trade market infrastructure for the global financial services industry. From 20 locations around the world, DTCC, through its subsidiaries, automates, centralizes, and standardizes the processing of financial transactions, mitigating risk, increasing transparency, enhancing performance and driving efficiency for thousands of broker/dealers, custodian banks and asset managers. Industry owned and governed, the firm innovates purposefully, simplifying the complexities of clearing, settlement, asset servicing, transaction processing, trade reporting and data services across asset classes, bringing enhanced resilience and soundness to existing financial markets while advancing the digital asset ecosystem. In 2024, DTCC's subsidiaries processed securities transactions valued at U.S. $3.7 quadrillion and its depository subsidiary provided custody and asset servicing for securities issues from over 150 countries and territories valued at U.S. $99 trillion. DTCC's Global Trade Repository service, through locally registered, licensed, or approved trade repositories, processes more than 25 billion messages annually. To learn more, please visit us at www.dtcc.com or connect with us on LinkedIn, X, YouTube, Facebook and Instagram. DTCC proudly supports Flexible Work Arrangements favoring openness and gives people freedom to do their jobs well, by encouraging diverse opinions and emphasizing teamwork. When you join our team, you'll have an opportunity to make meaningful contributions at a company that is recognized as a thought leader in both the financial services and technology industries. A DTCC career is more than a good way to earn a living. It's the chance to make a difference at a company that's truly one of a kind.

Apply for this position