Lead Security Engineer

Plus
500 is looking for a full-time Senior Security Lead to join the team in a remote-hybrid position in our Itasca, IL office:
Mondays and Wednesday’s in Itasca, the rest of the week remote.

Plus
500 is a global multi-asset fintech group operating technology-based trading platforms. Plus
500 offers customers a range of trading products, including Over-The-Counter ("OTC") and share dealing, as well as futures and options on futures in the US.

We are seeking an experienced Senior Security Lead to own and drive the cybersecurity program at Plus
500US Futures Technologies. This is a senior leadership role with full accountability for security architecture, implementation, compliance, and incident response across our financial trading platform infrastructure.

The ideal candidate is a self-driven security professional who thrives in a fast-paced environment, is comfortable operating with a high degree of autonomy, and can translate complex security requirements into practical, executable programs. You will work across engineering, operations, and leadership to continuously strengthen our security posture, driving strategic initiatives, and contributing to organizational risk decisions.

You will work under the guidance of our group Head of Cybersecurity for implementing the group Cybersecurity roadmap and goals.

Plus
500US is committed to providing competitive compensation and comprehensive benefits to all employees. We offer a robust benefits package, including a choice between an HMO or PPO Blue Cross Blue Shield Health Plan, Dental, Short- and Long-Term Disability, and Life Insurance, with 99% of premiums covered by Plus
500US.

• Bachelor degree in Computer Science, Information Technology, Cybersecurity, or a related field preferred. Relevant certifications strongly preferred: CISSP, CISM, CEH, or equivalent.

• 10+ years of progressive cybersecurity experience with demonstrated leadership
• Hands-on experience with Guardicore or comparable microsegmentation platforms
• Experience with Cloudflare WAF and DDoS mitigation
• Experience implementing and managing SIEM platforms
• Experience implementing and managing NIST Cybersecurity Framework
• Strong knowledge of SOC2 requirements and the audit process
• Experience with secrets management solutions such as Hashi Corp Vault or equivalent
• Strong understanding of network security, firewall architecture, and segmentation
• Experience owning and leading incident response programs
• Solid understanding of encryption at rest standards and implementation
• Financial services or regulated industry experience preferred
• Familiarity with NFA/CFTC cybersecurity guidelines is a plus
• Familiarity with clearing firm security and compliance requirements is a plus

• Strong analytical and problem-solving abilities
• Clear communicator across technical and non-technical stakeholders
• Detail-oriented with a strong sense of ownership
• Able to manage multiple initiatives and prioritize effectively under pressure

• Manage network segmentation and microsegmentation
• Manage WAF and DDoS protection
• Implement and manage a SIEM solution
• Implement and manage secrets management solutions
• Oversee firewall architecture and network isolation
• Oversee encryption at rest across platform infrastructure
• Own and lead incident response for all security events
• Develop and maintain incident response runbooks and playbooks
• Conduct post-incident reviews and drive remediation

• Lead SOC2 Type I and Type II certification in partnership with an engaged audit firm, including ownership of all required policies, procedures, and controls
• Aligning program maturity with business growth and regulatory obligations
• Conduct regular security audits and vulnerability assessments
• Manage relationships with third-party penetration testing vendors
• Drive security awareness across the engineering organization
• Establish and enforce security policies and access control standards
• Evaluate and recommend security tooling as the threat landscape evolves