Senior Cyber Security Engineer (Operations & Engineering)
CMT Capital Markets Trading · Chicago, IL · 3 wk ago
On-siteInformation TechnologyFull-time
Key Responsibilities
- Lead technical investigations of security incidents, working with external SOC providers to validate, contain, and remediate threats.
- Act as the escalation point for cyber security incidents. Coordinate response activities across technology teams and third-party providers.
- Conduct post-incident reviews and drive improvements to controls, processes, and detection capabilities.
- Develop and maintain incident response procedures and playbooks.
- Design, implement, and continuously improve security controls across endpoints, identity, cloud, infrastructure, and SaaS platforms.
- Develop automation and integrations that improve security visibility, operational efficiency, and control effectiveness.
- Establish and maintain security hardening standards and technical baselines.
- Evaluate emerging technologies and recommend practical security improvements.
- Own the vulnerability management lifecycle from identification through remediation.
- Assess risk associated with vulnerabilities, security findings, and control gaps. Coordinate remediation efforts across infrastructure, support, and engineering teams.
- Track remediation progress and provide meaningful reporting to management.
- Validate remediation effectiveness and manage exceptions where appropriate.
- Administer, optimise, and continuously improve enterprise security platforms and controls across endpoint, identity, vulnerability management, cloud, SaaS, monitoring, and security awareness domains.
- Lead platform upgrades, policy reviews, configuration improvements, and operational enhancements.
- Measure and report on the effectiveness of security controls and security tooling.
- Enhance identity and access controls including MFA, conditional access, privileged access management, and access governance.
- Support zero trust, segmentation, and least-privilege initiatives. Review and improve authentication and authorisation controls across enterprise platforms.
- Lead security projects from planning through delivery. Partner with infrastructure, cloud, development, and support teams to embed security into technology initiatives.
- Contribute to security strategy, roadmap planning, and continuous improvement activities.
- Support audits, assessments, and vendor due diligence activities.
- Represent the security function in discussions with technology teams, vendors, service providers, and business stakeholders. Communicate security risks and recommendations clearly to both technical and non-technical audiences.
- Build strong relationships across the organisation to drive security outcomes and promote a security-conscious culture.
Required Skills And Experience
- 7+ years of hands-on cyber security engineering or security operations experience.
- Strong track record investigating and responding to security incidents.
- Experience administering enterprise security tooling across areas such as endpoint protection, application control, vulnerability management, identity security, monitoring, or data protection.
- Hands-on experience securing cloud environments such as Microsoft Azure and AWS.
- Solid understanding of Windows, Microsoft 365, Entra ID, and enterprise endpoint security.
- Strong scripting and automation skills using PowerShell, Python, or similar languages.
- Proven ability to drive remediation activities across multiple technology teams.
- Ability to independently assess risk and make practical security recommendations.
- Excellent written, verbal, and stakeholder communication skills.