• You will be the operating second to the CISO and own the bank-entity scope of Mercury's 2LOD Information Security program. • Keep the program examiner-ready by maintaining coherent policy architecture and evidenced controls • Own the examiner-ready narrative and coordinate the evidence for OCC, FFIEC, FDIC, and FRB examiner inquiries. • Lead remediation of identified FFIEC IT control deficiencies to ensure charter readiness. • Manage relationships with internal audit and external assessors. • Coach and grow the GRC sub-team while running a recurring training cadence. • Ensure third-party risk evidence holds up to bank-grade scrutiny.

• Own the security configuration of our identity and collaboration stack: identity and access policies, third-party app governance, DLP, context-aware access, and admin audit. • Build, tune, and maintain detections. Design response playbooks for high-signal alerts. • Harden our cloud footprint, Kubernetes clusters, and CI/CD pipelines. • Own the security posture of the endpoint estate, including MDM configuration and endpoint telemetry. • Lead and participate in security incident investigations end-to-end. • Run threat models and architecture reviews for new internal systems and infrastructure changes. • Work alongside Protocol Security, DevOps, IT Ops, and Product Engineering to raise risks constructively.

• Develop and work with supporting secure AI and LLM usage/integration both in products and within Security; • Develop building blocks to accept payments and move funds; • Stripes Core Products including Connect, Subscriptions, Checkout, RADAR, and Issuing; • Build/Enhance automated threat modeling tooling; • Identify and help reduce security debt across our product portfolio; • Work closely with product engineering teams to design solutions that are secure by default; • Tailor answers to security questions from non-engineers and engineers; • Lead threat modeling discussions and help teams strike the right balance between security, user experience and product advancement; • Scale security effort by empowering engineering teams with automation, security guidance, tooling, patterns and training; • Drive high impact, cross-team security initiatives; • Mentor teammates and others across the organization.

Role Description Hudson River Trading (HRT) is seeking an experienced Security Engineer to join our growing Enterprise Security team. This team is responsible for securing the systems and tools HRT employees rely on every day, including managing: - AI security - Cloud Security Posture Management (CSPM) - Identity and Access Management (IAM) - Public Key Infrastructure (PKI) - Endpoint Security - Vulnerability Management - Protecting HRT’s infrastructure across on-prem and cloud environments In this role, you will lead a small team of security engineers focused on enabling employees to work safely and productively from any device, anywhere. The ideal candidate is a hands-on, technical leader and security generalist with broad experience developing practical security solutions that enhance both protection and user experience, and the ability to quickly adapt in a fast-paced environment. Responsibilities include: - Managing device posture and machine identity across thousands of endpoints - Identifying vulnerabilities in servers, containers, and serverless workloads - Securing AI agents with guardrails and containerization - Advising teams on securing productivity applications Qualifications - 7+ years of experience in security engineering - 2+ years of experience leading a technical team - Experience hardening Linux environments at scale using configuration management and infrastructure-as-code tooling - Experience in cloud security posture management on GCP, Azure, and/or AWS - Familiarity with emerging generative AI security tooling and best practices (guardrails, agents, sandboxing, MCP security, etc.) - Familiarity with endpoint security technologies on macOS and Windows - Familiarity with PKI workflows: certificate templates, issuance, renewal and revocation - Proficiency in Python is required - Strong ability to make principled decisions, balancing workforce productivity with security needs - Curious, agile, eager to learn, and capable of implementing novel solutions, even when confronted with complexity or uncertainty - Experience working with partners throughout the business to achieve company-wide impact Requirements - The estimated base salary range for this position is 200,000 to 300,000 USD per year (or local equivalent). - The base pay offered may vary depending on multiple individualized factors, including location, job-related knowledge, skills, and experience. - This role will also be eligible for discretionary performance-based bonuses and a competitive benefits package. Culture Hudson River Trading (HRT) brings a scientific approach to trading financial products. We have built one of the world's most sophisticated computing environments for research and development. Our researchers are at the forefront of innovation in the world of algorithmic trading. At HRT we welcome a variety of expertise: mathematics and computer science, physics and engineering, media and tech. We’re a community of self-starters who are motivated by the excitement of being at the cutting edge of automation in every part of our organization—from trading, to business operations, to recruiting and beyond. We value openness and transparency, and celebrate great ideas from HRT veterans and new hires alike. At HRT we’re friends and colleagues – whether we are sharing a meal, playing the latest board game, or writing elegant code. We embrace a culture of togetherness that extends far beyond the walls of our office. Feel like you belong at HRT? Our goal is to find the best people and bring them together to do great work in a place where everyone is valued. HRT is proud of our diverse staff; we have offices all over the globe and benefit from our varied and unique perspectives. HRT is an equal opportunity employer; so whoever you are we’d love to get to know you. Please be advised: Use of AI tools during interviews or assessments is strictly prohibited, unless otherwise instructed or agreed upon. We employ various methods to evaluate the authenticity of candidate responses. If we determine that AI assistance was used during any stage of the hiring process, we reserve the right to immediately disqualify your candidacy or rescind any job offers extended.