Information Security Operations Engineer

CTC is a cutting-edge proprietary trading firm with a long-term vision and a clear focus on helping the world price and manage risk. Our fun and trusting culture inspires us to solve the industry’s most challenging problems and take calculated risks in a collaborative environment.

We strive to be the most innovative firm in the industry today, tomorrow, and long into the future while upholding ethical excellence. We believe that CTC makes a positive impact on the markets, the lives of our employees, and all the communities to which we belong. Started in 1995 by a team of forward-thinking Traders, we are proud to call ourselves an industry leader that keeps making markets and each other better.

Ready to make an immediate impact at the heart of cybersecurity? Join CTC as an Information Security Operations Engineer, where every day puts you front and center in defending our systems. This isn’t just monitoring screens. It’s live fire, quick thinking, and creative problem solving. You’ll be using powerful tools, investigating real threats, and teaming up with passionate pros who will help you develop top‑tier security skills.

You’ll get a backstage pass to how attacks unfold, sharpen your instincts, and design smarter, faster responses. Our Security Operations team is growing quickly, making a real impact, and leading the charge to keep our business safe. This is your chance to launch your cybersecurity career with immediate responsibility, plenty of variety, and a team that is genuinely invested in your growth.

In this role, you will get an inside look at how security works at a trading firm, master core tools and playbooks, and collaborate with people who enjoy solving tough problems together. Every day is different, and every win matters.

• Monitor and triage alerts across security platforms such as SIEM, EDR, email, and identity, cutting through noise to kick off investigations as needed
• Execute and improve incident response playbooks by gathering evidence, containing low‑severity events, escalating thoughtfully, and communicating clearly
• Perform daily security checks to ensure healthy systems, track issues through to closure, and keep runbooks updated
• Support phishing investigations and user‑reported security events, sharing findings to keep our teams protected
• Assist with vulnerability and patch reviews alongside engineering, confirming that risks are remediated
• Create detailed case documentation including timelines, artifacts, observables, and post‑incident summaries to support learning and improvement
• Suggest and build improvements for processes and playbooks, tuning detections and developing smart automations
• Collaborate with technology partners across the firm, sharing context and building trust through fast, reliable service
• Help teammates thrive, reduce repetitive work, improve signal over noise, and deliver consistent results

• Genuine interest in cybersecurity operations and a drive to build a career in SOC or incident response. Internships, school projects, or labs are welcome
• Basic understanding of networking, Windows and Linux systems, and enterprise technology. Able to dig into logs and troubleshoot issues
• Familiarity with at least one core security tool or domain, such as SIEM, EDR, email security gateways, or identity and MFA, and ready to learn more
• Strong instincts for structured troubleshooting, evidence gathering, and writing clear documentation for tickets and incident handoffs
• Basic scripting or automation skills in Python or Power Shell, or a willingness to learn and automate repetitive tasks
• Curiosity, clear communication, and a collaborative mindset
• Detail‑oriented and service‑driven with a disciplined approach to procedures, meeting SLAs, and seeking ways to improve outcomes
• Willingness to join on‑call or after‑hours rotations as needed

• Hands‑on experience with security platforms such as SIEM queries, endpoint detections, phishing analysis, or sandboxing
• Familiarity with ticketing tools, incident tracking, or on‑call workflows, and exposure to SOAR or automation tools
• Coursework, certifications, or labs in security operations, such…