Enterprise Security Engineer

United States, New York
Permanent
Job ID: 2350

Job Description


[Up to c. $350k Comp Package | On-Site Working]


Role Overview

We’re representing a globally recognised quantitative trading firm that combines advanced research, distributed computing, and next-generation AI systems to drive its trading strategies. The business is now seeking an Enterprise Security Engineer to enhance and protect the platforms powering some of the most demanding environments in finance.

The role sits within the Enterprise Security team in New York and will suit a senior engineer who can own multiple domains rather than operate in a narrow silo. The strongest candidates will bring meaningful depth in at least three core areas such as endpoint security, vulnerability management, SaaS security, identity and access management, enterprise PKI, or automation. Profiles from technology-forward environments or strong MSSPs are particularly relevant, especially where they have partnered closely with engineers to deliver practical security improvements...


Key Responsibilities

  • Own endpoint security across Linux, macOS, and Windows environments, ensuring consistent enforcement of protection, monitoring, and incident readiness
  • Design, implement, and maintain secure-by-default architectures across enterprise, hybrid, and cloud environments, ensuring scalability and operational usability
  • Strengthen security across cloud, SaaS, and AI-adjacent platforms, embedding controls that protect high-performance research and engineering systems
  • Build automation to detect configuration drift, anomalies, vulnerabilities, and control gaps, partnering with Security Operations to refine response workflows
  • Engineer and maintain IAM and authentication solutions, enforcing least-privilege access and integrating identity controls across hybrid infrastructure
  • Support and improve enterprise PKI capabilities, including certificate lifecycle processes, trust models, and secure authentication patterns
  • Lead initiatives to improve Linux and Kubernetes security, implementing configuration baselines, container hardening, and runtime protection
  • Operate and mature vulnerability management processes, prioritising risks and coordinating remediation across engineering and infrastructure teams
  • Enhance observability and instrumentation across enterprise systems, improving detection, visibility, and forensic readiness
  • Contribute to DevSecOps pipelines, embedding automated checks, compliance testing, and security validation into deployment workflows
  • Collaborate cross-functionally to develop secure-by-design principles that balance performance, scalability, and user experience
  • Continuously assess emerging technologies, AI threat models, and attack vectors to inform long-term enterprise security strategy


What You’ll Bring...

  • 4-9 years’ professional experience in security engineering, enterprise security, systems security, or a closely related technical discipline
  • Real hands-on depth in at least three of the following: endpoint security, vulnerability management, SaaS security, IAM, enterprise PKI, or Python automation
  • Strong practical knowledge of Linux environments, including configuration, hardening, and observability at scale
  • Experience securing mixed endpoint estates across Linux, macOS, and/or Windows environments
  • Hands-on experience in cloud or SaaS security, ideally including IAM, encryption, logging, policy enforcement, and access controls
  • Proficiency in Python or similar scripting languages for automating security tooling, data collection, reporting, and remediation workflows
  • Familiarity with Kubernetes and container security, including runtime controls, image management, and platform hardening
  • Strong understanding of vulnerability assessment and configuration management, including prioritisation and automation of fixes
  • Experience supporting authentication and identity services, with practical knowledge of federation, SSO, access policies, and privileged workflows
  • Clear communication skills and the judgement to balance security outcomes with business and engineering needs
  • (Preferred) Background in a technology-forward company, quantitative trading firm, high-growth engineering environment, or strong MSSP
  • (Preferred) Experience securing AI or machine learning environments, particularly around model access, GPU workloads, or data protection
  • (Preferred) Understanding of DevSecOps practices, integrating automated checks into CI/CD pipelines


...

Apply for this role

All fields marked with * are required.

I confirm I have a pre-existing right to work in the role’s location *
I require visa sponsorship now or will require it in the future

Back to Job Listings