A leading global trading firm is expanding its Cybersecurity function and is looking to hire a Security Engineer – Risk & Controls. This is a rare opportunity to join a high-performing technology environment, working closely with engineering, compliance, and risk teams to help the firm operate securely across global markets.
This role is ideal for someone who thrives on solving practical security problems in complex, high-speed environments, not just ticking boxes.
Responsibilities will include:
* Assess new markets and regulatory developments (e.g., SEBI, SEC, MAS) to identify the cybersecurity controls needed for the firm to operate securely.
* Partner with compliance engineering, technology, and finance teams to design, implement, and validate effective security controls.
* Think like an attacker, anticipate real threats, evaluate control weaknesses, and strengthen the firm’s security posture.
* Ensure fundamental security controls are well-designed and properly implemented across the environment.
* Contribute to a pragmatic, engineering-led security function that enables business growth while reducing real-world risk.
Successful candidates must have:
* 1–5 years’ experience in Cybersecurity, Information Security, or Technology Risk roles.
* A background that began in a technical security discipline (e.g., security operations, incident response, vulnerability management, or penetration testing) and has evolved toward risk and controls.
* Someone who can think deeply about security, who can articulate what a technology-driven trading firm needs to worry about and what controls should be in place, rather than just reciting frameworks.
* Strong technical foundations, ideally with a degree in Computer Science, Engineering, or a related field.
* Experience working in mid-sized or scaling technology organizations (roughly 1,000–3,000 employees) or having joined an earlier-stage company and helped it grow through that phase.
* A hands-on, analytical mindset, focused on effective, well-designed controls rather than compliance checklists.
* Excellent collaboration skills and the ability to partner across technical and business teams.
What This Role Is Not
* Not a strategic or management-level position, it’s hands-on implementation work in a complex, technical environment.
* Not a compliance-driven or audit-heavy role (ISO/SOX/NIST) — this is about practical, engineering-led control design.
London (4–5 days on-site)