We're hiring a hands-on principal security engineer to implement and operate security controls across our infrastructure. This is a technical execution role where you'll be writing code, configuring systems, and shipping security improvements, not writing policies or managing people. You'll work closely with Infrastructure and Engineering teams to harden our cloud environments, secure our CI/CD pipelines, and protect both corporate and production systems. The scope is broad, the environment is fast-paced, and you'll be expected to own problems end-to-end. We believe security should enable the business, not obstruct it. You'll design controls that are effective but unobtrusive, security that works in the background without creating friction for engineers or traders. ### What You'll Do
Implement and maintain security controls across multi-cloud environments (primarily AWS and Azure, with some GCP and AliCloud) and on-prem infrastructure
Own IAM strategy and implementation: design and enforce identity, access, and permissions models that are secure, scalable, and practical
Design and operate key management and custody security controls such as HSMs, secrets management, and secure key handling for trading operations
Harden CI/CD pipelines (GitLab) and secure the software delivery process
Respond to security incidents: triage, investigate, contain, remediate
Conduct security assessments of infrastructure and applications
Automate security operations: detection, alerting, and response
Work with Infrastructure to embed security into cloud provisioning and system configuration
What We're Looking For
8+ years' hands-on experience in security engineering or security operations
Strong, opinionated views on IAM (you've designed and implemented identity and access management across cloud environments and have a clear philosophy on how it should work)
Strong working knowledge of cloud security controls across multiple providers (AWS and Azure preferred)