Senior Security Engineer Vulnerability & Exposure Management

About the Role

The role is nestled within a dynamic team that values collaboration, innovation, and a relentless pursuit of excellence. You will have the opportunity to work closely with cross-functional teams, including investment operations, technology, and risk management, to ensure the integrity and security of Bridgewater's systems and data.

Bridgewater's commitment to cutting-edge technology and its dedication to fostering a culture of openness, transparency, and inclusion create a unique and stimulating work environment. As a Senior Security Engineer, you will be expected to embody these values, contributing your expertise to the continuous improvement of the company's security posture.

What You Will Do

• Develop and implement comprehensive security strategies to mitigate vulnerabilities and exposures across the organization
• Conduct thorough risk assessments and penetration testing to identify potential security threats
• Design and deploy security measures to protect against cyber threats, ensuring the integrity of Bridgewater's systems and data
• Collaborate with the development team to ensure the implementation of secure coding practices and secure software development lifecycle processes
• Analyze security incident response plans and procedures, ensuring they are effective and up-to-date
• Develop and maintain detailed documentation of security controls, processes, and procedures
• Provide expert security advice and guidance to internal stakeholders, promoting a culture of security awareness
• Participate in the evaluation and recommendation of new security technologies and tools
• Develop metrics and reporting to measure the effectiveness of security controls and compliance with regulatory requirements
• Stay abreast of emerging threats, vulnerabilities, and technologies, applying this knowledge to enhance Bridgewater's security posture

What We Are Looking For

• Proven experience as a Senior Security Engineer or similar role, with a focus on vulnerability and exposure management
• Strong knowledge of security engineering principles, threat modeling, and risk management
• Proficiency in Excel and other relevant security tools and technologies
• Excellent analytical and problem-solving skills, with the ability to interpret complex security data
• Strong communication and interpersonal skills, with experience in collaborating with technical and non-technical stakeholders
• A bachelor's degree in Computer Science, Cybersecurity, or a related field
• Relevant security certifications (e.g., CISSP, CEH, CISM) are highly desirable
• Experience working in a fast-paced, dynamic environment, with the ability to adapt to changing priorities
• A deep understanding of security frameworks, compliance, and regulatory requirements

Nice to Have

• Experience with cloud security platforms (AWS, Azure, Google Cloud)
• Knowledge of containerization technologies (Docker, Kubernetes)
• Familiarity with security orchestration, automation, and response (SOAR) solutions
• Certification in a specific area of security (e.g., cloud security, penetration testing)
• Participation in bug bounty programs or capture the flag (CTF) competitions

Benefits and Perks

• Competitive compensation package
• Comprehensive health insurance coverage
• Generous paid time off (PTO) and holiday schedule
• Opportunity to work with a premier asset management firm
• Collaborative, dynamic work environment
• Professional development opportunities, including training and education assistance
• Flexible remote work arrangements
• Access to cutting-edge technologies and tools
• Recognition and reward for outstanding performance and contributions

• Tailor your resume and cover letter to highlight your experience in security engineering, vulnerability management, and Excel proficiency.
• Prepare to back your claims with specific examples of how you've identified and mitigated security risks in previous roles.
• Familiarize yourself with Bridgewater's culture and values, demonstrating how your skills and experience align with the company's unique approach to investment strategy and management.
• Develop a deep understanding of the current cybersecurity landscape, including emerging threats and technologies, to show your potential to contribute to the company's security posture.
• Practice your problem-solving skills, as you may be presented with scenario-based questions during the interview process.
• Be prepared to discuss your experience with security frameworks, compliance, and regulatory requirements, and how you've applied this knowledge in previous roles.
• Show enthusiasm for continuous learning and professional development, highlighting any relevant certifications, training, or education you've pursued to enhance your skills.