Information Security Engineer in Richardson, TX at TradeStation

Date Posted: 11/14/2019

Job Snapshot

Job Description

Information Security Engineer
Richardson, TX

 
#WeAreTradeStation
 
TradeStation is an on-line brokerage firm seeking to level the playing field for self-directed investors and traders, empowering them to claim their individual financial edge.  At TradeStation, we're continuously pushing the boundaries of what's possible, encouraging out-of-the-box thinking and relentless search for innovation.  We have built a team of amazing people who work together in a high performance culture to provide our clients with exceptional products and services.  We offer a collaborative and flexible work environment, competitive salaries, comprehensive benefits and an unlimited PTO policy.
 
The primary purpose of this role is the engineering, design, implementation, maintenance, monitoring, analysis, and administration of TradeStation’s security solutions and security events.  The Information Security Engineer will also establish procedures, and, wherever possible, automate routine day-to-day tasks to reduce operational overhead. The Engineer will act as a project security lead as a well-rounded subject matter expert in the Information Security domain.  Both cloud and on-prem technologies and solutions are within scope.
 
ESSENTIAL JOB FUNCTIONS:
  • Assist in developing and maintaining a robust security technology strategy designed to address risks associated with cloud and data center environments
  • Recommend, implement, configure, and maintain technical security solutions designed to protect information assets both on-prem and cloud-based
  • Perform vulnerability assessments, security controls checks, and reporting
  • Work with project and development teams to identify and define security requirements
  • Maintain a solid knowledge of current security threats and solutions to ensure public cloud and on-prem environments are properly secured, monitored, and documented
  • Work with Network and System Engineers to understand and document network control systems/equipment, network diagrams and firewall configurations
  • Participate in security incident response through in-depth, technical analysis
  • Prepare and document standard operating procedures and protocols
  • Assist with other security related initiatives as they arise

KNOWLEDGE, SKILLS & ABILITIES:
  • Proven work experience as a system security engineer or information security engineer
  • Experience securing multi public cloud environments
  • Excellent understanding/working knowledge of the public cloud infrastructure and services in AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, Azure PaaS, Azure networking, Azure Security Center, etc.)
  • Ability to actively assess existing cloud implementations, identifying security issues/ prioritizing fixes and delegating to junior technical resources appropriately
  • Experience working within an environment using DevOps and CI/CD strongly preferred
  • Ability to engineer and implement public cloud security tools and techniques to ensure the ongoing security and compliance of all public cloud implementations
  • Direct experience with engineering, deploying, managing and supporting various security solutions including firewalls, IDS/IPS solutions, endpoint security, authentication systems, log management, content filtering, vulnerability scanning tools, etc.
  • Direct experience designing secure networks, systems and application architectures
  • Familiarity with web related technologies such as web applications, web services, and service oriented architectures along with network/web related protocols
  • Direct experience performing security incident response
  • Experience planning, researching and developing security policies, standards and procedures
  • Thorough understanding of the latest security principles, techniques, and tooling
  • Able to multitask and prioritize in a dynamic environment with continuously shifting priorities
  • Ability to communicate network security concepts and issues to peers and management
  • Possess and maintain up-to-date understanding of emerging trends in InfoSec including research of the latest security products to combat these threats
  • Strong analytical and problem solving skills
  • Excellent verbal and written communication skills
  • Demonstrated personal initiative in maintaining a continuous high level of professional knowledge in areas of security and risk management

EDUCATION & EXPERIENCE:
  • Bachelor’s degree in Information Security, Information Systems, or a related field with at least 3 years of experience OR 7 years of demonstrable progressive work in the information security field
  • Experience with cloud security and/or emerging security technologies such as AI-based systems strongly preferred
  • One or more of the following certifications strongly preferred:
    • CISSP (and/or other ISC2 certifications)
    • SANS GIAC certifications
    • CEH, OSCP, or other penetration testing certifications
    • Other industry recognized certifications or accreditations