Networking & Security Engineer
Capula Investment Management LLP · New York, NY · 3 wk ago
On-siteInformation TechnologyFull-time
Key Responsibilities
- Lead the firm's security operations function, owning threat detection, incident response, and vulnerability management end-to-end
- Monitor, triage, and respond to security events across the environment, including log analysis, anomaly detection, and threat hunting, with a strong awareness of modern and AI-enabled attack vectors
- Own and drive security hardening across all infrastructure — servers, endpoints, network devices, and cloud-adjacent systems, ensuring consistent application of best practices and compliance with security policies
- Design and implement secure infrastructure solutions, embedding security requirements from the outset rather than retrofitting them
- Conduct regular vulnerability assessments and penetration testing exercises, prioritising and remediating findings in a timely manner
- Manage and continuously improve security tooling, including SIEM, EDR, firewalls, IDS/IPS, and endpoint protection platforms
- Manage network infrastructure including firewalls, switches, VPNs, and wireless systems (primarily Cisco-based), with a security lens on all configuration and change
- Operate across Windows and Linux (Red Hat/CentOS) environments, ensuring both are maintained to a consistent security baseline
- Collaborate with infrastructure and technology teams to embed security into project delivery and BAU processes
- Develop and maintain security documentation including incident response playbooks, SOPs, architecture diagrams, and runbooks
- Stay current with the evolving threat landscape, bringing proactive recommendations to improve the firm's security posture over time
Requirements
- Minimum 7+ years' experience in infrastructure, networking, and security roles
- Strong hands-on experience with Windows Server and Linux (Red Hat/CentOS)
- Solid networking knowledge, including TCP/IP, VLANs, VPNs, DNS, DHCP, with practical experience in Cisco environments
- Demonstrated experience implementing and supporting security controls, including: Patch management and system hardening, Endpoint protection and monitoring, Identity and access management
- Good understanding of cyber security principles, including modern threat landscapes and evolving risks (e.g. automation and AI-driven attack vectors)
- Experience with virtualisation (VMware) and enterprise storage (SAN/NAS)
- Scripting or automation experience (e.g. PowerShell, Bash) is advantageous
- Experience in financial services or regulated environments is preferred
- Strong troubleshooting skills with a structured and analytical approach
- Able to balance BAU responsibilities with project delivery effectively
- A thoughtful and forward-looking mindset, with the ability to identify risks and propose improvements
- A clear and confident communicator, able to engage with both technical and non-technical stakeholders
- Able to work collaboratively and adapt to changing priorities