Cloud Security Engineer

LMAX Group is a global financial technology company and the leading independent operator of multiple institutional execution venues for FX and crypto currency trading. The Group's portfolio includes LMAX Exchange (institutional FX exchange and FCA regulated MTF), LMAX Global (FCA and CySec regulated brokers) and LMAX Digital (GFSC regulated institutional spot crypto currency exchange).

Our mission is to create a level playing field for all participants in the world's biggest financial markets, through transparent, precise and consistent execution, based on robust trading technology.

We are looking for people who want to help us change the game, not just play it.

LMAX Group fosters inclusive recruitment practices. We are an equal opportunity employer as we welcome everyone to our team. We encourage people of colour, women, people from LGBTQ+ community, and people with disabilities to apply. Please let us know if you need reasonable adjustments at any point in the application or interview process.

About the role:

Day to day, this role will involve managing our Cloud Infrastructure Security Posture across our brands, working alongside colleagues in New York, Singapore and New Zealand. You will be a key driver for ensuring development in the cloud is carried out to the highest security standards, driving the LMAX brand towards Compliance-As-Code and monitoring our environment for configuration and build improvements.

You will work with the wider technology teams to improve the security posture of our digital currency trading and custody solutions - not only the platform itself, but also how it interacts with the various blockchains and the on-premises low latency exchanges. The primary objective of maintaining transaction confidentiality and integrity, and the availability of the trading environments for LMAX customers.

Tha nature of the role is hybrid, we would expect you to commute 2 times a week to our headquarters in Shepard's Bush.

Responsabilities:

• Implement and Automate Security Controls: Explore, implement, and automate security controls across complex Cloud environments using tools like Terraform and Ansible.
• Security Reviews and Guidance: Provide Cloud security guidance, awareness, and reviews for Engineering teams, ensuring alignment with security standards such as but not limited to NIST.
• Third-Party Security Tools & Incident Response: Implement third-party security tools and assist in major incident response, working with the CSOC team on Cloud threats and events.
• Cloud Security Tooling & Threat Modelling: Build and enforce Cloud-native security tools, desired experience in conducting threat modelling, and architectural reviews to enhance security practices.
• Support, Compliance, and Governance: Support Risk & Compliance, support cost control measures, identify Cloud platform improvements, and promote Cloud security across the company.
• Map attack paths and lead implementation of controls to mitigate findings
• Work with the Security Operations Centre (SOC) tools to improve the alerts
• Maintain the confidentiality, integrity and availability of LMAX information assets.
• Continuous improvement of monitoring and alerting from the cloud estate feeds the SOC tools.
  

Requirements

• AWS Expertise & Cloud Security: Desired knowledge and experience in implementing security controls across AWS, and Azure would be beneficial.
• Cloud & Networking Skills: Desired experience in cloud networking.
• Kubernetes exposure: Experience with securing Kubernetes environments, and familiarity with Kubernetes logging and auditing practices.
• Agile & Automation Experience: Experience in agile environments, CI/CD platforms, and automating security processes, with scripting/programming skills (e.g. Python).
• Infrastructure & Compliance as Code: Knowledge of Infrastructure as Code (IaC) and Policy as Code practices, driving Cloud Security maturity in fast-paced settings.
• Stakeholder Management & Leadership: Proven ability to manage stakeholders, guide engineers on best practices, and an Interest for open-source technologies.
• Desired experience with securing deployment pipelines with web-based Git and on-premises gitlab repositories, and common cloud services such as Lambda, Cloudflare.

Benefits

• 25 days of holiday
• Bonus
• Pension contribution

• Private medical, dental, and vision coverage
• Life assurance
• Critical illness cover
• Wellness contribution program with access to ClassPass
• Plumm Platform
• Five volunteering days
• Give as You Earn initiative
• Learning and development programs
• Electric Vehicle Scheme
• Cycle to Work Scheme
• Season Ticket Loan