Qureos

Lead Security Engineer

Senior Security Lead

Plus500US Futures Technologies | T4 Platform Engineering

Position Overview

We are seeking an experienced Senior Security Lead to own and drive the cybersecurity program at Plus500US Futures Technologies. This is a senior leadership role with full accountability for security architecture, implementation, compliance, and incident response across our financial trading platform infrastructure.

The ideal candidate is a self-driven security professional who thrives in a fast-paced environment, is comfortable operating with a high degree of autonomy, and can translate complex security requirements into practical, executable programs. You will work across engineering, operations, and leadership to continuously strengthen our security posture, drive strategic initiatives, and contribute to organizational risk decisions.

You will work under the guidance of our group Head of Cybersecurity to implement the group Cybersecurity roadmap and goals.


Responsibilities

Application Security & DevSecOps

  • Lead the implementation, optimization, and automation of Application Security tools, including SAST, DAST, and SCA, natively integrated into CI/CD pipelines.
  • Conduct structured threat modeling and risk assessments (e.g., STRIDE) on core trading features and platform architecture changes.
  • Champion the Secure Software Development Life Cycle (SSDLC) framework, ensuring security gates, container hardening, and API protection controls are consistently met.
  • Oversee end-to-end vulnerability management and automated patching mitigation flows across application codebases and containerized infrastructures.


Security Infrastructure & Operations

  • Manage network segmentation and microsegmentation
  • Manage WAF and DDoS protection
  • Implement and manage a SIEM solution
  • Implement and manage secrets management solutions
  • Oversee firewall architecture and network isolation
  • Oversee encryption at rest across platform infrastructure


Incident Response

  • Own and lead incident response for all security events
  • Develop and maintain incident response runbooks and playbooks
  • Conduct post-incident reviews and drive remediation


Compliance & Risk Management

  • Lead SOC2 Type I and Type II certification in partnership with an engaged audit firm, including ownership of all required policies, procedures, and controls
  • Align program maturity with business growth and regulatory obligations
  • Conduct regular security audits and vulnerability assessments
  • Manage relationships with third-party penetration testing vendors
  • Drive security awareness across the engineering organization
  • Establish and enforce security policies and access control standards
  • Evaluate and recommend security tooling as the threat landscape evolves


Required Qualifications

  • 10+ years of progressive cybersecurity experience with demonstrated leadership
  • Strong technical background in Application Security with practical experience implementing SAST, DAST, and SCA tooling (e.g., SonarQube or similar enterprise suites).
  • Demonstrated experience performing technical threat modeling on microservices architectures and external-facing APIs.
  • Proven track record of managing modern vulnerability life cycles and coordinating effective remediation/patching strategies alongside core R&D teams.
  • Familiarity with API Security engineering principles (e.g., protecting against the OWASP API Top 10) and container security.
  • Hands-on experience with Guardicore or comparable microsegmentation platforms
  • Experience with Cloudflare WAF and DDoS mitigation
  • Experience implementing and managing SIEM platforms
  • Experience implementing and managing the NIST Cybersecurity Framework
  • Strong knowledge of SOC2 requirements and the audit process
  • Experience with secrets management solutions such as HashiCorp Vault or equivalent
  • Strong understanding of network security, firewall architecture, and segmentation
  • Experience owning and leading incident response programs
  • Solid understanding of encryption at rest standards and implementation
  • Financial services or regulated industry experience preferred
  • Familiarity with NFA/CFTC cybersecurity guidelines is a plus
  • Familiarity with clearing firm security and compliance requirements is a plus


Education & Certifications

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field preferred. Relevant certifications strongly preferred: CISSP, CISM, CEH, or equivalent.



Soft Skills

  • Strong analytical and problem-solving abilities
  • Clear communicator across technical and non-technical stakeholders
  • Detail-oriented with a strong sense of ownership
  • Able to manage multiple initiatives and prioritize effectively under pressure
