TradeStation is an
on-line brokerage firm seeking to level the playing field for self-directed investors and traders, empowering them to claim their individual financial edge.
At TradeStation, we're continuously pushing the boundaries of what's possible, encouraging out-of-the-box thinking and relentless search for innovation.
We offer a collaborative and flexible work environment, competitive salaries, comprehensive benefits and a generous PTO policy.
POSITION SUMMARY : The primary purpose of this role is to be responsible for the engineering, design, implementation, maintenance, monitoring, analysis, and administration of TradeStation’s security solutions and security events.
The Security Engineer will also establish procedures, and, wherever possible, automate routine day-to-day tasks to reduce operational overhead.
The Engineer will act as a project security lead as a well-rounded subject matter expert in the Information Security domain. ESSENTIAL JOB FUNCTIONS :
Configure and troubleshoot security infrastructure devices
Perform vulnerability assessments, security controls checks, and reporting
Work with project and development teams to identify and define security requirements
Help ensure public cloud environments are properly secured and monitored
Work with Network and System Engineers to understand and document network control systems / equipment, network diagrams and firewall configurations
Respond to and triage system and security alerts
Participate in security incident response through in-depth, technical analysis
Prepare and document standard operating procedures and protocols
Recommend software, tools, and other solutions for technical challenges to address security
Available to provide support during off hours in an on-call rotation
Assist with other security related initiatives as they arise
KNOWLEDGE, SKILLS & ABILITIES :
Proven work experience as a system security engineer or information security engineer
Direct experience with engineering, deploying, managing and supporting various security solutions including firewalls, IDS / IPS solutions, endpoint security (EDR), authentication systems, anomalous network activity detection systems, advanced deception technologies, log management, content filtering, vulnerability scanning tools, etc.
Direct support experience of a privilege access management (PAM) solution, preferably CyberArk
Direct experience designing secure networks, systems and application architectures
Thorough understanding of cloud security principles and cloud native / external tools to ensure the ongoing security and compliance of public cloud implementations, preferably AWS and Azure
Experience with some or all of the following : Wireshark, Email Analysis, Host Forensics (Windows), Virtualization (VMWare, VirtualBox)
Direct experience performing security incident response, log and network forensics
Familiarity with web related technologies such as web applications, web services, and service-oriented architectures along with network / web related protocols
Experience planning, researching and developing security policies, standards and procedures
Able to multitask and prioritize in a dynamic environment with continuously shifting priorities
Ability to communicate security concepts and issues to peers and management
Strong analytical, prioritizing, interpersonal, problem-solving, presentation, project management (from conception to completion) and planning skills
Excellent verbal and written communication skills
Possess and maintain up-to-date understanding of emerging trends in InfoSec and a thorough understanding of the latest security principles, techniques, and tooling
Demonstrated personal initiative in maintaining a continuous high level of professional knowledge in areas of security and risk management
A thirst for knowledge and self-improvement
EDUCATION & EXPERIENCE :
Bachelor’s degree preferred
Requires a minimum of 5 years of progressive InfoSec work experience
One or more of the following certifications strongly preferred : CISSP (and / or other ISC2 certifications) SANS GIAC certifications CEH, OSCP, or other penetration testing certifications Other industry recognized certifications or accreditations