Senior Cyber Security Engineer (Operations & Engineering)

Capital Markets Trading
Chicago, IL
Onsite

About The Position

CMT is seeking a Senior Cyber Security Engineer to join a small, capable global technology and security team. Reporting to the Head of Technology and CISO, you will take a leading, hands-on role in running and improving the firm’s security programme, spanning security operations, engineering, incident response, vulnerability management, and identity, cloud, and endpoint security.

You will own core security platforms and controls day to day, working alongside infrastructure and support teams and external SOC providers, with support and direction from the Head of Technology and CISO. One day you might be investigating an incident, the next deploying a new control, coordinating a global remediation effort, or presenting recommendations to senior stakeholders. This role is expected to independently drive security outcomes, coordinate remediation efforts across technology teams, and take ownership of issues through to resolution.

Success in this role requires a strong sense of ownership, sound judgement, and the ability to balance security risk against business objectives. We are looking for someone who is curious, pragmatic, highly self-motivated, and comfortable operating with a high degree of autonomy in a fast-moving trading environment.

This is an on-site role based in our Chicago office. It is not a hybrid or remote position.

Requirements

  • 7+ years of hands-on cyber security engineering or security operations experience.
  • Strong track record investigating and responding to security incidents.
  • Experience administering enterprise security tooling across areas such as endpoint protection, application control, vulnerability management, identity security, monitoring, or data protection.
  • Hands-on experience securing cloud environments such as Microsoft Azure and AWS.
  • Strong understanding of Windows, Microsoft 365, Entra ID, and enterprise endpoint security.
  • Solid understanding of networking fundamentals, common protocols, and attack techniques.
  • Strong scripting and automation skills using PowerShell, Python, or similar languages.
  • Proven ability to drive remediation activities across multiple technology teams.
  • Ability to independently assess risk and make practical security recommendations.
  • Excellent written, verbal, and stakeholder communication skills.

Nice To Haves

  • Experience in financial services, proprietary trading, hedge funds, asset management, or another regulated environment.
  • Experience with SIEM and security monitoring platforms.
  • Experience administering and improving enterprise security technologies across endpoint, identity, cloud, vulnerability management, data protection, and security monitoring domains.
  • Security automation and orchestration.
  • Secure design and security architecture reviews.
  • Infrastructure-as-Code and cloud security tooling.
  • Relevant certifications such as CISSP, GIAC, Azure Security Engineer, AWS Security Specialty, or similar industry-recognised qualifications.

Responsibilities

  • Lead technical investigations of security incidents, working with external SOC providers to validate, contain, and remediate threats.
  • Act as the escalation point for cyber security incidents.
  • Coordinate response activities across technology teams and third-party providers.
  • Conduct post-incident reviews and drive improvements to controls, processes, and detection capabilities.
  • Develop and maintain incident response procedures and playbooks.
  • Design, implement, and continuously improve security controls across endpoints, identity, cloud, infrastructure, and SaaS platforms.
  • Develop automation and integrations that improve security visibility, operational efficiency, and control effectiveness.
  • Establish and maintain security hardening standards and technical baselines.
  • Evaluate emerging technologies and recommend practical security improvements.
  • Own the vulnerability management lifecycle from identification through remediation.
  • Assess risk associated with vulnerabilities, security findings, and control gaps.
  • Coordinate remediation efforts across infrastructure, support, and engineering teams.
  • Track remediation progress and provide meaningful reporting to management.
  • Validate remediation effectiveness and manage exceptions where appropriate.
  • Administer, optimise, and continuously improve enterprise security platforms and controls across endpoint, identity, vulnerability management, cloud, SaaS, monitoring, and security awareness domains.
  • Lead platform upgrades, policy reviews, configuration improvements, and operational enhancements.
  • Measure and report on the effectiveness of security controls and security tooling.
  • Enhance identity and access controls including MFA, conditional access, privileged access management, and access governance.
  • Support zero trust, segmentation, and least-privilege initiatives.
  • Review and improve authentication and authorisation controls across enterprise platforms.
  • Lead security projects from planning through delivery.
  • Partner with infrastructure, cloud, development, and support teams to embed security into technology initiatives.
  • Contribute to security strategy, roadmap planning, and continuous improvement activities.
  • Support audits, assessments, and vendor due diligence activities.
  • Represent the security function in discussions with technology teams, vendors, service providers, and business stakeholders.
  • Communicate security risks and recommendations clearly to both technical and non-technical audiences.
  • Build strong relationships across the organisation to drive security outcomes and promote a security-conscious culture.