Headquartered in Plantation, Florida; Tradestation is an online brokerage company dedicated to making money work harder. Established in 1982, Tradestation has g
Security Engineer
Location
United States
Posted
21 hours ago
Salary
$127 - $150K / year
Seniority
Mid Level
Job Description
Security Engineer
TradeStation
Role Description We are looking for a Security Engineer who will be responsible for the engineering, design, implementation, maintenance, monitoring, analysis, and administration of TradeStation’s security solutions and security information. The Security Engineer will also establish procedures, and, wherever possible, automate tasks to reduce operational overhead. The role will also act as a security project lead and subject matter expert in the Information Security domain. - Design, implement, configure, and troubleshoot enterprise security technologies and infrastructure - Perform vulnerability assessments, validate security controls, and drive remediation efforts across on-premises and cloud environments - Partner with infrastructure, development, and project teams to integrate security controls throughout the system development lifecycle - Secure and continuously improve public cloud environments by implementing security best practices and monitoring controls - Collaborate with Network and Systems Engineering teams to design, document, and maintain network security architectures and firewall configurations - Lead and participate in security incident response, including technical analysis, containment, eradication, and post-incident reviews - Develop and maintain security documentation, including SOPs, technical standards, runbooks, and response playbooks - Evaluate and implement security technologies and automation to improve security posture and operational efficiency - Support security operations through on-call rotation and after-hours incident response as needed - Support security assessments, audits, and compliance/risk management initiatives with technical expertise - Automate repetitive security tasks using AI or orchestration tools - Research emerging threats and attack techniques to proactively strengthen defensive capabilities Qualifications - Hands-on experience designing, implementing, administering, and supporting enterprise security technologies, including firewalls, IDS/IPS, EDR, authentication and identity solutions, SIEM platforms, vulnerability management tools, email security, NDR, deception technologies, AI usage filtering, and web/content filtering solutions - Experience implementing and supporting Privileged Access Management (PAM) solutions, preferably CyberArk - Strong understanding of security architecture principles, including secure network, infrastructure, and application design - Experience securing public cloud environments, with a solid understanding of cloud security principles, cloud-native security services, SaaS platforms, and third-party security tools; experience with AWS and Azure strongly preferred - Experience performing vulnerability assessments, validating security controls, and partnering with system owners to prioritize and remediate risk - Experience investigating security incidents, including log analysis, endpoint investigations, network forensics, and malware analysis - Working knowledge of networking concepts, common protocols, web technologies, APIs, and modern application architectures - Experience with security analysis and troubleshooting tools such as Wireshark, endpoint forensic utilities, email analysis tools, and virtualization platforms (VMware, VirtualBox) - Experience developing and maintaining security policies, standards, procedures, and operational runbooks - Experience providing support and escalation services to a Security Operations Center - Understanding of security frameworks and regulatory requirements such as NIST, CIS Controls, ISO 27001, or similar - Experience collaborating with infrastructure, cloud, development, and engineering teams to integrate security into enterprise technologies and business initiatives - Strong organizational and time-management skills, with the ability to manage multiple priorities, adapt to changing business needs, and drive initiatives from planning through implementation - Strong analytical, troubleshooting, and problem-solving skills, with the ability to evaluate complex technical issues and recommend effective solutions - Excellent verbal and written communication skills, with the ability to explain technical security concepts to both technical and non-technical audiences - Self-motivated and proactive, with a demonstrated passion for cybersecurity and a commitment to continuously learning about emerging threats, technologies, and best practices Requirements - Bachelor’s degree in Information Security, Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience - Minimum of five (5) years of progressive experience in Information Security, Cybersecurity, or a related technical discipline - 3+ years of experience as an Information Security Engineer, Security Engineer, Systems Security Engineer, or in a similar cybersecurity role - Ability to travel occasionally to domestic and international company offices or other business locations for meetings, training, project work, or other business needs Desired Qualifications - One or more of the following certifications strongly preferred: - CISSP (and/or other ISC2 certifications) - SANS GIAC certifications - CEH, OSCP, or other penetration testing certifications - Other industry recognized certifications or accreditations Benefits - Collaborative work environment - Competitive Salaries - Yearly bonus - Comprehensive benefits for you and your family starting Day 1 - Unlimited Paid Time Off - Flexible working environment - TradeStation Account employee benefits, as well as full access to trading education materials - Pay Range (US) $127-150K (Countries outside of the US have differing ranges in accordance with local labor markets)
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description AGE Solutions is looking for a Security Control Assessor, Senior to join our team in support of a cybersecurity risk management and assessment program with our DoD customer. The Assessors will be part of a project team responsible for Cybersecurity Assessments and Authorization (A&A), Risk Management, Information Assurance (IA) Support, and Risk Adjudication and Connection services. - Conduct cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN. - Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing. - Adhere to policies and processes for each assessment type. - Support assessment development and execution to ensure security expertise is properly applied. - Coordinate logistics, test plans, and scope with the SCA Team Lead. - Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS. - Analyze security gaps and provide mitigation recommendations. - Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines. - Provide risk analysis and assessment results for authorization recommendations. - Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R. - Mentor and guide personnel by providing technical expertise, best practices, and professional development support to enhance team capabilities and knowledge. Qualifications - Bachelor's degree (IT-related field preferred). - Eight (8) years of overall experience in cybersecurity or network security position. - Five (5) years of experience in a Certification and Accreditation/A&A role. - Have an active DoD Top Secret clearance with SCI eligibility. - DoD 8570 IAM/IA Technical (IAT) Level II certification. - Demonstrated experience with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms) and cybersecurity best practices. - Advanced understanding of the RMF process, NIST SP 800-37, NIST SP 800-53, CNSSI 1253. - Demonstrated experience with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS. - Advanced understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications. - Strong written and verbal communication skills for reporting assessment findings. Requirements - This is a remote role requiring approximately 85% travel, Local, CONUS and OCONUS. - Candidates must possess a valid U.S. Passport or have the ability to obtain one in a timely manner. - Strong preference will be given to candidates who currently reside in the DMV (Washington, DC, Maryland, Virginia) region or Pennsylvania, or who are willing to relocate to one of these areas to support customer requirements and team collaboration activities. Benefits - 26 Days Paid Leave: Includes vacation, sick, personal time, and holidays. You choose how to use it. - Performance Bonuses: Performance bonuses are awarded based on individual contributions and company-wide results, aligning recognition with impact. - 401(k) with Match: We match 3% of your contributions with immediate vesting. - Financial Protection: Company-paid life insurance up to $300K and options for additional coverage for you and your dependents. - Health Benefits: Multiple medical plans, dental, vision, FSA and HSA options to fit your needs. - Parental Leave: 15 days of fully paid leave for new parents, because family matters. - Military Differential Pay: We bridge the gap for employees on active duty, so they don’t take a financial hit while serving. - Professional Growth: Paid training and certifications, tuition reimbursement, and the tools and tech to get the job done right. - Shared Success: In the event of a company sale, our CEO has committed to returning 80% of net proceeds to employees. This ensures our team shares in the long term value they help create.
Role Description Working directly with the CTO, you'll own security, infrastructure ops, and reliability across Rise's cloud, application, and on-chain surfaces. This is a builder's role, not a purely advisory one - you'll harden what exists, design what's missing, and be the person the team turns to when security and infrastructure questions come up. This is a hands-on role: you'll run the day-to-day infrastructure operations behind our code releases and keep our production infrastructure healthy, available, and secure. - End-to-end accountability for the infrastructure, on a mostly serverless stack designed to keep operational overhead low. - Opportunity to define the security and infrastructure function and build a team beneath you as Rise grows. Qualifications - 8+ years in DevOps / infrastructure / SRE, with significant security engineering ownership. - Deep, hands-on Google Cloud Platform experience (Cloud Run, IAM, networking, BigQuery, logging/monitoring, SecOps, SCC). - Strong security fundamentals: IAM and least privilege, secrets/key management, network security, incident response, and vulnerability management. - Production experience with Ethereum / EVM - wallets, key management, transaction signing, and smart-contract interaction. - Comfort in a Node.js / TypeScript and MySQL environment. - Hands-on Cloudflare experience (WAF, DNS, edge security, Pages). - Infrastructure-as-code and CI/CD fluency. - Proven incident-response track record. Requirements - Authorized to work in the United States and U.S.-based. Benefits - Base salary: $170,000–$210,000. - Meaningful equity in a growing company. - Unlimited PTO and a flexible work schedule - we care about outcomes, not hours. - 401(k) with a 3% company grant. - Fully remote within the United States.
Staff Security Engineer – Enterprise Security
SnowflakeSnowflake delivers the AI Data Cloud to help organizations share data, build apps and power their business with AI.
• Develop, maintain, and scale Snowflake's endpoint security solutions • Build intelligent security platforms and automate security operations using AI • Monitor security events, investigate incidents, and build real-time detection and prevention systems • Conduct regular risk and threat analyses to proactively identify vulnerabilities • Develop and implement unified security policies and procedures • Partner across Security, Engineering, IT, and Product to define endpoint security strategy • Establish and uphold the highest standards for security engineering.
Staff Security Engineer, AI
DraftKings Inc.Defining what it means to build and deliver the most extraordinary sports & entertainment experiences.The Crown is Yours
At DraftKings, AI is becoming an integral part of both our present and future, powering how work gets done today, guiding smarter decisions, and sparking bold ideas. It's transforming how we enhance customer experiences, streamline operations, and unlock new possibilities. Our teams are energized by innovation and readily embrace emerging technology. We're not waiting for the future to arrive. We're shaping it, one bold step at a time. To those who see AI as a driver of progress, come build the future together. The Crown Is Yours We're seeking a Staff Security Security Engineer to join our growing security team focused on ensuring our use of emerging technology at DraftKings is done safely and securely, relying on deep technical expertise and knowledge to assess how to safely connect and deploy new workflows, processes, and technologies. To do this you will work strategically, influencing the company's overall security posture, architecture, and roadmap in a variety of domains. You'll work with product, engineering and research teams to build and deploy tooling that will help the business connect different services and data together. You'll explain your work to a broad audience spanning from individual contributors in a variety of departments to senior leadership. The team you're joining is cross-disciplinary, driven, supportive, and global. Each member brings unique, respected perspectives whether they just joined or were founding team members. What you'll do as a Staff Security Engineer - Set the security standards and guardrails for the AI platform. Define the principles, reference architectures, and policy-as-code that all AI tooling at DraftKings adheres to, so that many teams can build agents and workflows while still meeting a consistent security bar. Focus on specifying the environment, infrastructure, and authentication methods agents rely on, rather than reviewing every individual implementation. - Review and build the architecture of AI gateways and tooling. Provide security review, sign-off, and possibly pair on implementation of these systems, and the systems that they interface with. - Make the security review process scale. Streamline how AI services move through InfoSec review on their way to production, so the bar stays high but does not become the bottleneck. - Reduce AI-driven security noise. Partner with platform and detection teams on telemetry (tool-call metrics, auditing agents over that data) and on lightweight controls like standardized system prompts that cut unnecessary investigations without slowing engineers down. - Drive remediation efforts of complex, cross-functional security issues. When relevant, you'll be called into investigations to assist. - Coach and raise the bar. Mentor security and platform engineers, lead technical and SME discussions on AI security, and elevate the team's overall capability in this space. What you'll bring - 7+ years experience in engineering - building and operating systems in production. - 5+ years experience contributing and advising on security design. - Broad security fluency across infrastructure and enterprise security - endpoint protection, network security, identity, SaaS tools, and cloud security - even if your deepest expertise is in application and product security. - Deep hands-on ability to debug systems issues. We're comfortable hacking on things to solve security problems, so long as we can unlock functionality and make it usable for the organization. - Experience writing high quality code in a typed and untyped programming language. - Excellent collaboration and communication skills - you can align engineering, platform, privacy, legal, and leadership stakeholders, and you bias toward enabling teams rather than blocking them. - Ability to manage competing priorities and thrive in a fast-paced, dynamic environment. Join Our Team We're a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don't worry, we'll guide you through the process if this is relevant to your role. The US base salary range for this full-time position is 160,700.00 USD - 200,900.00 USD, plus bonus, equity, and benefits as applicable. Our ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire pay rates for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific pay range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.


