Chicago Trading Co Logo
Chicago Trading Co
Director of Security Engineering
🌎Chicago, Illinois, United States
5h ago
👀 10 views
📥 0 clicked apply

Job Description

CTC is a cutting-edge proprietary trading firm with a long-term vision and a clear focus on helping the world price and manage risk. Our fun and trusting culture inspires us to solve the industry’s most challenging problems and take calculated risks in a collaborative environment.

We strive to be the most innovative firm in the industry today, tomorrow, and long into the future while upholding ethical excellence. We believe that CTC makes a positive impact on the markets, the lives of our employees, and all the communities to which we belong. Started in 1995 by a team of forward-thinking Traders, we are proud to call ourselves an industry leader that keeps making markets and each other better.

As the Director of Security Engineering, you will help design and implement the vision of security strategies across CTC’s technology stack. This role requires both a team leader and a hands-on technologist who can guide engineers, mentor talent, and collaborate across departments to ensure the security of our systems, applications, and infrastructure. You will be responsible for building secure architectures, driving the implementation of security strategies, and ensuring alignment with CTC’s business objectives.

What You’ll Do

  • Lead the Security Engineering Team: Manage and mentor a small team of security engineers, driving projects and consulting with CTC technology teams on secure strategies and architecture.
  • Implement Security Strategy: Architect, build, and implement scalable security solutions that protect CTC’s infrastructure, software, and data. You will lead the team at implementing the strategy for Zero Trust, network segmentation, and other advanced security initiatives.
  • Oversee Security Architecture: Design security protocols and solutions across multiple environments, ensuring all systems, networks, and applications are secure from inception to deployment.
  • Cross-Functional Leadership: Collaborate closely with engineering, development, IT, and business teams to ensure secure coding practices, network design, and infrastructure resilience.
  • Threat Modeling & Vulnerability Management: Lead the team in performing threat modeling, vulnerability assessments, and code reviews, identifying and mitigating security risks in complex distributed environments.
  • Automation & Efficiency: Direct the development of automated solutions for security monitoring, alerting, and incident response using infrastructure-as-code or scripting to enhance security operations.
  • Research & Innovation: Stay at the forefront of cybersecurity technologies and trends. Evaluate emerging threats and technologies, ensuring CTC’s security posture adapts to new challenges.
  • Security Project Leadership: Manage multi-functional security projects such as encryption, identity and access management (IAM), and network security architecture.

What We’re Looking For

  • Leadership Experience: Demonstrated experience in leading and mentoring security engineering teams and driving a team to implement the CSO’s vision.
  • Hands-on Technical Knowledge: The right person for this role will demonstrate both strong leadership and strong hands-on skills. While leading a team, the expectation is that the role will also be heavily engaged in the efforts being lead.
  • Programming/Scripting Skills: Proficient in one or more languages such as Python, Go, or PowerShell, with a deep understanding of secure software development.
  • Application Security Expertise: Practical experience with evaluating custom applications and infrastructure as code using static code analysis tools such as SonarQube, Checkmarx, or Semgrep.
  • Cloud and Network Security: Deep understanding of cloud security models (AWS, Azure, Google Cloud) and networking principles (TCP/IP, DNS, routing). Experience implementing network segmentation, Zero Trust, and multi-cloud security architectures.
  • Experience with CI/CD and Containerization: Knowledge of CI/CD pipelines, containerization technologies (e.g., Docker, Kubernetes), and the integration of security within development and deployment workflows.
  • Innovative & Forward-Thinking: A continuous learner who is passionate about staying ahead of the curve in cybersecurity technologies and innovations. Ability to assess emerging threats and adapt security strategies accordingly.
  • Cryptographic Knowledge: Familiarity with cryptographic protocols, key management, and secure communication strategies.

Our Benefits

We strongly believe in the well-being of our employees and their families so we offer outstanding benefits to support you both professionally and personally. These benefits include generous medical coverage, paid parental leave, free breakfast and lunch (plus healthy snacks, of course), wellness reimbursement, quarterly recharge days, and a variety of other benefits focused on providing the best employee experience. 

(Disclaimer: Interns and Contractors are not eligible for benefits at CTC) 

Our Commitment to Diversity, Equity and Inclusion

At CTC, we aim to cultivate a workplace that celebrates diversity and each person feels included, engaged and empowered. Where each of us feels we belong. We are committed to having a diverse workforce and are proud to be an equal opportunity employer. CTC does not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. 

If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or to apply for a position, please contact us at info@chicagotrading.com. Note that emails sent to this email account for non-disability related issues, such as following up on an application, will not receive a response.