Senior Information Security Engineer

Job Description

Tower Research Capital, a high-frequency proprietary trading firm founded in 1998, seeks a Senior Security Engineer to join our Information Security team.

The position calls for using a diverse set of technical and security skills with the ability to quickly adapt to and learn unfamiliar technologies within a regulated financial environment. 

Key responsibilities: 

  • Collaborate with engineers to develop secure services with a focus on cryptocurrency.
  • Develop/implement automated systems to help spot known security exposures.
  • Consult on discovered security flaws, how to exploit them, and how to remediate flaws.
  • Conduct threat mapping with respect to competitors, state-sponsors and hacktivists.
  • Conduct intelligence gathering including digital, social and physical aspects.
  • Conduct attack simulation exercises on a periodic basis.
  • Continuous assessment around the effectiveness of defense response.
  • Demonstrate use of information and access by adversaries to stakeholders.
  • Ensure adherence to appropriate standards, best practices, workplace policies and procedures. 
  • Work effectively as a team member, providing hands on support, maintaining communication and updating senior staff on progress.
  • Participate in Incident Response procedures if/when required. 
  • Partciipate in Threat & Vulnerability Management program.
  • Identify opportunities for automation to eliminate repetitive tasks(Python / Bash).

Skills and attributes for success 

  • Exposure to Unix/Linux environments a must with knowledge of commands & shell scripting a must. 
  • Strong understanding of the intelligence lifecycle and models including Cyber Kill Chain and MITRE ATT&CK framework.
  • Experience in the cyber threat landscape, TTPs, threat actors and groups.
  • Experience in threat actor and threat group profiling.
  • Exposure and understanding of open source intelligence OSINT.
  • Exposure and understanding of cyber threats in the financial sector.
  • Exposure and understanding of underground criminal communities and dark web.
  • Technical knowhow of malware reverse engineering.
  • Visibility and presence in the threat intelligence community.
  • Experience with SIEM technologies, threat hunting, monitoring and investigations.
  • Excellent analytic and writing capabilities.
  • Mentor and guide security analysts in cyber threat intelligence skills.
  • Understand DeFi / Blockchain thoroughly. 
  • Ability to work with minimum guidance.

Experience and other requirements: 

  • At least 6 years of relevant experience, successfully delivering in an Enterprise environment. 
  • Bachelor/Masters of Engineering in Computer Science / Information Security / Cyber Security 
  • Network and security and tools, including IDS/IPS, NAC,DLP, VPN, firewall management and audit, endpoint, anti-malware, database audit and monitoring
  • Strong experience with secure architecture design.
  • Security expertise in one or more of: python, bash, C, C++, cryptography, reverse engineering, wireless networks, common web vulnerabilities (SQLi, XSS, CSRF), exploit development.
  • Security applications utilized for logging, packet capture, email, directory services, web, authentication, remote access, and encryption.
  • Database audit/security background is a strong plus.
  • Cloud security deployment and controls.
  • IT security technologies, policies, and procedures.
  • Have passion to learn about evolving technologies.
  • Self-starter with a can-do attitude capable of overcoming difficult challenges. 
  • Communicate clearly and effectively with the distributed team and stakeholders. 
  • Showcase good critical thinking and analytical skills. 
  • Ability to stay focused while working under pressure. 
  • Flexible to work in different time-zones, based on Business requirements. 
  • Conduct training and mentoring of team members. 

Benefits

Benefits for employees include:

  • Competitive salary and performance-based bonuses
  • 5 weeks of paid vacation per year
  • Breakfast, lunch, and snacks on a daily basis
  • International medical insurance
  • Free gym or fitness membership
  • Free events and workshops
  • For Singapore employees ineligible to participate in the CPF, the cash equivalent of the employer’s CPF contribution
  • Hybrid Work Schedule | Monday & Friday WFH

Tower Research Capital is an equal opportunity employer.