Cloud Security Team Lead

OneMarketData

About OneTick

OneMarketData LLC (‘OMD’) is a US company with a global customer base and globally distributed remote workforce. We’re best known for ‘OneTick’, the world’s most powerful tick analytics platform. We’re also a major supplier of market data for research and trading, and our regulatory products are used by the world’s largest exchange group, the world’s largest market-maker, the world’s largest options trader, and by regulators, banks, and brokerage firms around the world. We’re an agile company with a staff of 200, strongly oriented toward software engineering and DevOps. We use a modern Cloud-based technology stack.  See onetick.com for more information.



Overview

As Head of Cloud Security, you'll lead and contribute technically to enhancing cybersecurity for our Cloud-based services and to recommending best practices in client engagements.  An important part of your role will be to work with business leaders and our Legal department to define, implement, and enforce our cybersecurity policies and procedures. Your knowledge of Amazon Web Services (AWS) and optionally GCP will help you to establish and maintain best practices across our services.  An important part of your role will be to actively establish internal and external relationships, executing on cloud security assessments, and supporting cloud implementations. Similarly, you'll anticipate and identify operational risks within the firm and its engagements and raise any issues with senior members of the team.

Key Responsibilities:

  • Help the firm identify Cloud security vulnerabilities and risks
  • Help define and implement our suite of Cloud security policies and procedures
  • Drive and ensure our compliance with requirements such as GDPR, and our excellent performance on standard assessments such as SOC-2 and client-specific assessments
  • Work with vendors to implement such technologies and federated SSO, endpoint security solutions, and threat monitoring
  • Work with customers to ensure that we meet their hosted service requirements in a way that is consistent with our own high standards and obligations to our customers. 
  • Consistently deliver quality client services. Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes. Stay abreast of current business and industry trends relevant to our client's.
  • Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge.
  • Demonstrate and apply a thorough understanding of complex information systems.
  • Remain current on new developments and be able to optimize capabilities vs. cost
  • Demonstrate the ability to work constructively with demanding clients
  • Contribute to staff development, coaching, recruiting, training and retention
  • Maintain a security-oriented educational program for the firm’s staff, tailored to roles
  • Understand and follow workplace policies and procedures

To qualify for the role, you must have:

  • Undergraduate or masters’ degree preferably in one of the following areas: Information Security, Information Systems, Computer Science, Engineering
  • Approximately 5-7 years of experience in securing cloud solutions (IaaS/PaaS/SaaS)
  • Experience building and migrating applications in the cloud (AWS, GCP, Azure)
  • Good understanding of cloud security architecture, security assessments, audit standards for the Cloud, security threats in the cloud
  • Experience in working independently or as part of a large team to deliver cloud security services on its own or within large complex projects.
  • In possession of or working toward industry recognized cloud security certifications such as CCSK, CCSP, Azure Security Engineer, Azure Solution Architect Expert, AWS Solution Architect Associate/Professional
  • Familiarity with GDPR, SOC-2, and similar compliance frameworks
  • Practical experience with important elements of our technology stack including Terraform, Python, Ansible, AD, Kubernetes, and AWS native storage types and distributed computing technologies
  • Demonstrated team leadership abilities
  • Excellent interpersonal, English written and verbal communication and presentation skills

Must have:

  • Knowledge and hands-on experience with other key components of cybersecurity such as network & infrastructure security, access and identity management, threat detection, incident response, vulnerability management, security governance, risk and compliance, security architecture, data protection and others. 

Ideally, you …

  • Have a UK or accepted equivalent Security clearance preferred, or can obtain it
  • Existing experience with GDPR data protection requirements
  • Are an intellectually curious person with a genuine passion for cybersecurity. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

 

All positions to be filled in US, Canada or EEA countries, all full-time employee or full time contractor, all ‘remote work’.  Depending on the country of residency, we may, at our discretion, employ you as a contractor directly attached to OneMarketData LLC, or by way of an ‘Employer of Record’ / ‘Agent of Record’ that has an office in the country.  We are willing to pay for co-working space when we believe it is appropriate.  All positions will require a background check, signed NDA, signed contract, signed GDPR processor pass-through agreement (since we act as a data processor under GDPR).  Salaries will be commensurate with experience, education, skill set, and local norms.

 

Sound like you? Apply Today.