Cyber Security Engineer

The Tidal Financial Group is a leading ETF investment technology platform dedicated to creating, operating, and growing ETFs. We combine expertise and innovative partnership approaches to offer comprehensive, value-generating ETF solutions. 

Our platform offers best-in-class strategic guidance, product planning, trust and fund services, legal support, operations support, marketing and research, and sales and distribution services.

We are prioritizing candidates who are located within close proximity to Chicago, Milwaukee, NYC, and Palm Beach.

About the role

Tidal Financial Group is seeking a Cyber Security Engineer to ensure the confidentiality, integrity, and availability of our systems and data. This role emphasizes SOC2 compliance using Drata, Microsoft Intune management, AWS security, and end-to-end incident response. The successful candidate will handle day-to-day security operations (reports, monitoring, user training), strengthen our security posture through EDR solutions (e.g., SentinelOne), and support future certifications (ISO, PCI) while aligning with financial regulations (SEC, FINRA).

What you'll do

1. Security Operations

• Maintain SOC2 compliance via Drata, ensuring continuous monitoring and evidence collection.
• Manage Microsoft Intune policies and device configurations.
• Deploy and oversee EDR tools (e.g., SentinelOne) and AWS GuardDuty for threat detection.
• Conduct security incident response, including containment, mitigation, and post-incident reviews.
• Provide security support and guidance to users and IT teams.

2. Frameworks & Compliance

• Support SOC2 initiatives, with an eye toward future ISO and PCI certifications.
• Understand financial industry regulatory needs (SEC, FINRA) and apply them in security policies.
• Develop and enforce company-wide security policies, including cloud (AWS, Azure, GCP).

3. Incident Response & Training

• Lead incident response planning and execution, maintaining up-to-date playbooks.
• Deliver security training to improve user awareness and adherence to best practices.
• Oversee security awareness platform compliance and user engagement.

4. Security Research & Implementation

• Conduct vulnerability assessments, penetration tests, and cloud security reviews.
• Recommend new tools and practices to address evolving cyber threats.
• Evaluate and integrate security solutions (SIEM, WAF, etc.) to enhance detection and prevention.

5. Collaboration

• Advise the Head of IT on cyber risk, compliance strategies, and regulatory updates.
• Collaborate with cross-functional teams to align security measures with business objectives.
• Communicate risks, remediation plans, and security findings to executive stakeholders.

6. Reporting & Documentation

• Generate and maintain audit-ready documentation
• Prepare reports on incidents, root-cause analysis, and compliance status.
• Maintain security metrics for continuous improvement and executive visibility.

Qualifications

Education & Experience: Bachelor’s or Master’s in Cybersecurity, Computer Science, or related field. 7–10 years of hands-on cybersecurity experience, including penetration testing and cloud security.

Technical Expertise:

• Strong proficiency with Drata, SOC2 frameworks, and Microsoft Intune.
• Experience with AWS security tools (GuardDuty), EDR solutions (e.g., SentinelOne), and SIEM systems.
• Familiarity with financial regulations (SEC, FINRA) and future certifications (ISO, PCI).
• Analytical & Leadership: Solid incident response capabilities, root-cause analysis, and team mentoring skills.
• Communication: Ability to translate technical concepts for diverse audiences and present findings clearly.
• Certifications (Preferred): CISSP, CEH, OSCP, CISM, or relevant industry certifications.

We are prioritizing candidates who are located within close proximity to Chicago, Milwaukee, NYC, and Palm Beach.