Lead Security Engineer

Senior Security LeadPlus500US Futures Technologies | T4 Platform EngineeringPosition OverviewWe are seeking an experienced Senior Security Lead to own and drive the cybersecurity program at Plus500US Futures Technologies. This is a senior leadership role with full accountability for security architecture, implementation, compliance, and incident response across our financial trading platform infrastructure.The ideal candidate is a self-driven security professional who thrives in a fast-paced environment, is comfortable operating with a high degree of autonomy, and can translate complex security requirements into practical, executable programs. You will work across engineering, operations, and leadership to continuously strengthen our security posture, driving strategic initiatives, and contributing to organizational risk decisions.You will work under the guidance of our group Head of Cybersecurity for implementing the group Cybersecurity roadmap and goals.ResponsibilitiesApplication Security & DevSecOpsLead the implementation, optimization, and automation of Application Security tools, including SAST, DAST, and SCA, natively integrated into CI/CD pipelines.Conduct structured threat modeling and risk assessments (e.g., STRIDE) on core trading features and platform architecture changes.Champion the Secure Software Development Life Cycle (SSDLC) framework, ensuring security gates, container hardening, and API protection controls are consistently met.Oversee end-to-end vulnerability management and automated patching mitigation flows across application codebases and containerized infrastructures.Security Infrastructure & OperationsManage network segmentation and microsegmentationManage WAF and DDoS protectionImplement and manage a SIEM solutionImplement and manage secrets management solutionsOversee firewall architecture and network isolationOversee encryption at rest across platform infrastructureIncident ResponseOwn and lead incident response for all security eventsDevelop and maintain incident response runbooks and playbooksConduct post-incident reviews and drive remediationCompliance & Risk ManagementLead SOC2 Type I and Type II certification in partnership with an engaged audit firm, including ownership of all required policies, procedures, and controlsAligning program maturity with business growth and regulatory obligationsConduct regular security audits and vulnerability assessmentsManage relationships with third-party penetration testing vendorsDrive security awareness across the engineering organizationEstablish and enforce security policies and access control standardsEvaluate and recommend security tooling as the threat landscape evolvesRequired Qualifications10+ years of progressive cybersecurity experience with demonstrated leadershipStrong technical background in Application Security with practical experience implementing SAST, DAST, and SCA tooling (e.g., SonarQube or similar enterprise suites).Demonstrated experience performing technical threat modeling on microservices architectures and external-facing APIs.Proven track record of managing modern vulnerability life cycles and coordinating effective remediation/patching strategies alongside core R&D teams.Familiarity with API Security engineering principles (e.g., protecting against the OWASP API Top 10) and container security.Hands-on experience with Guardicore or comparable microsegmentation platformsExperience with Cloudflare WAF and DDoS mitigationExperience implementing and managing SIEM platformsExperience implementing and managing NIST Cybersecurity FrameworkStrong knowledge of SOC2 requirements and the audit processExperience with secrets management solutions such as HashiCorp Vault or equivalentStrong understanding of network security, firewall architecture, and segmentationExperience owning and leading incident response programsSolid understanding of encryption at rest standards and implementationFinancial services or regulated industry experience preferredFamiliarity with NFA/CFTC cybersecurity guidelines is a plusFamiliarity with clearing firm security and compliance requirements is a plusEducation & CertificationsBachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field preferred. Relevant certifications strongly preferred: CISSP, CISM, CEH, or equivalent.Soft SkillsStrong analytical and problem-solving abilitiesClear communicator across technical and non-technical stakeholdersDetail-oriented with a strong sense of ownershipAble to manage multiple initiatives and prioritize effectively under pressure