Lead Cloud Security Engineer - Azure in London

Being a member of IT Cybersecurity & Platform Strategy team, the Sr. Associate IT Security Engineer - Cloud Security (Azure) will serve as a hands‑on technical specialist focused on securing DTCC's Microsoft Azure cloud environment, while maintaining working knowledge of AWS and GCP to support multi‑cloud security initiatives. The Cybersecurity Engineering organization is responsible for delivering best‑in‑class security capabilities that protect DTCC's enterprise technology platforms and public cloud environments. This role requires deep, recent experience with Azure— including native security services, Azure Policy, governance, identity, monitoring, and threat protection—and will partner closely with platform, architecture, and incident response teams to design, implement, and operate secure cloud solutions at enterprise scale.

Responsibilities

• Serve as a subject matter expert for Azure security, including identity, network, compute, data, monitoring, and governance controls.
• Design, implement, and maintain Azure security baselines, policies, and guardrails using Azure Policy and Policy-as-Code.
• Secure Azure subscriptions and workloads using native services such as Microsoft Defender for Cloud, Azure Monitor, Log Analytics, Sentinel, Key Vault, and Entra ID.
• Evaluate, onboard, and operationalize cloud security tooling, including Wiz, to enhance cloud posture management, risk visibility, and remediation workflows.
• Partner with platform and application teams to ensure secure‑by‑default architectures and adherence to DTCC security standards.
• Support incident response, threat investigation, and forensic analysis related to Azure cloud events.
• Collaborate across AWS and GCP teams to align multi‑cloud security standards, controls, and patterns.
• Develop and maintain security documentation, runbooks, and operational procedures for cloud security services.
• Identify opportunities for security automation to reduce manual effort and improve control effectiveness.
• Stay current on emerging cloud security threats, Azure feature updates, and industry best practices.

Qualifications

• Minimum of 6 years of related experience.
• Bachelor's degree preferred or equivalent experience.
• 4–5 years of experience in cybersecurity engineering, with strong hands‑on Azure experience (active within the last 12 months).
• Expert‑level knowledge of Microsoft Azure architecture and security services.
• Strong experience with Azure Policy, governance, RBAC, PIM/PAM, logging, and monitoring.
• Familiarity with cloud security posture management (CSPM) concepts and tools, including Wiz.
• Working knowledge of AWS and Google Cloud Platform (GCP) security services.
• Experience supporting enterprise‑scale cloud environments with regulated or high‑availability workloads.
• Ability to analyze complex security problems and deliver practical, risk‑based solutions.
• Coding or scripting skills with Python, PowerShell, or other advanced programming languages.
• Certifications such as CISSP, CCSP, Security+, or equivalent.
• Experience with infrastructure as code, automation, or scripting (e.g., Terraform, PowerShell, Python).
• Familiarity with industry security frameworks and standards (e.g., NIST, CIS, ISO 27001).

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We are committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact.

Benefits

• Competitive compensation, including base pay and annual incentive.
• Comprehensive health and life insurance and well‑being benefits.
• Pension.
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well‑being.
• DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays, and a third day unique to each team or employee).