Senior Tech Security Associate

Job Description

Top-tier Hedge Funds

About the Security Department
Information Security is a critical responsibility - the company cannot operate unless it can protect its
assets, and the risks we face are constantly evolving. The Security department is responsible for enabling the company to achieve its goals in a secure way. This requires close partnership with the rest of the organization to
understand, communicate and manage all types of security risk including cyber, physical and human. The
security team works with each internal department as well as the firm's external partners to ensure all
company assets are protected to the highest possible standard.
About the Technology Department

We believe that the economic machine can be understood, so we strive to build a fundamental, cause-and
effect understanding of markets and economies. This mission is impossible to accomplish without great
technology. Our technologists collaborate with our business to design, engineer, and run platforms that
enable systemization and scale in everything we do. The Technology team at the engineers systems
to understand the world. These systems synthesize and industrialize our understanding into a hive mind of
macroeconomic knowledge, with a solid foundation built on highly available, highly performing, and secure
hybrid infrastructure which support and scale our investing operations.

About the Role
The Security Engineer is a hybrid role, reporting to the Head of Security and incorporating significant work
with and for the Technology department. This is a technical, execution-focused role encompassing a wide
variety of day-to-day operational tasks as well as contribution to the evolution of the security and
technology functions. Potential development paths include engineering, risk architecture, governance and
management depending on aptitude and interest.
Ideal candidates are self-motivated, hands-on operators who are passionate about technology and security
and thrive in an entrepreneurial and high growth environment. Candidates must have a track record of good
judgment, integrity and be aligned with our open and idea meritocratic culture.

Main Responsibilities
- Security and technology engineering and operations: monitoring, incident response, request
handling, control improvement, automation
- Quickly evolve with the environment, learning necessary skills and shaping the future of our
technology and security
- Apply security concepts and frameworks (e.g. defense in depth, least privilege, SANS top 20
controls) in a practical manner
Minimum Qualifications
- 5+ years of technology experience incorporating information security
- Experience working with cloud providers like Azure, AWS and Google Cloud Platform
- Relevant industry certifications and/or experience running, designing and building enterprise grade
technology
- Demonstrated ability to interface with non-security stakeholders to secure and enable business
initiatives
- Experience with network security controls such as Firewalls, Proxy, Data Loss Prevention, IDS, IPS
- Familiar with core IT infrastructure technologies and concepts Network, Microsoft environment,
Linux, endpoint hardware and software, automation and scripting, etc.
- Able to pass the AMAC Fund Practitioner License exams
- Proficient in English and Mandarin, written and oral

Preferred Qualifications
- Familiar with China cybersecurity and data regulatory environment (e.g. MLPS, CSL, Cross-border
data transfer)
- Proficient in basic security testing and vulnerability scanning methods, techniques, and tools
- Proficient in one or more security platforms (e.g. SIEM, DLP, firewalls, vulnerability scanners, etc)
- Experience in end user support, network operations, and/or security operations