Senior Cloud Security Engineer

Acadian Asset Management LLC is a Boston-headquartered investment management firm with wholly owned affiliates located in Singapore, London, and Sydney. As of March 31, 2025, the firm managed approximately US$122 billion on behalf of major pension funds, endowments, foundations, governments and other investors based in the U.S. and abroad.

Position Overview:

The Senior Security Engineer, reporting to the Director of Information Assurance, is responsible for cloud platform and DevOps security. This senior role will call upon the candidate’s DevSecOps experience to help Acadian Shift Left, injecting security directly into our Software Development Lifecycle and consistently governing our AWS Platform-as-a-Service (PaaS) infrastructure. We are looking for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.

What You’ll Do:

· Assess Acadian’s cloud IAAS environments for Indicators of Misconfiguration (IOMs) utilizing AWS built-in and third-party assessment tools. Utilizing tools like AWS Config, Security Hub, Inspector, Guardduty, and Crowdstrike Falcon, assess monitor and prioritize remediation of Cloud security vulnerabilities.

· Utilizing Policy-as-Code toolkits such as Checkov, develop controls and warnings that inform software delivery teams and integrate security controls into DevOps pipelines. Drive down cloud vulnerability state by working with impacted teams to resolve security issues.

· Develop and maintain tools to detect and remove secrets from code check-ins.

· Establish development best practices for working with code libraries such as docker, pypi and others, ensuring that libraries are only obtained from trusted sources, e.g. Jfrog Artifactory.

· Assist the Information Assurance team with data leak prevention techniques aimed at preventing the exfiltration of code from the Acadian network.

· Work with the Identity and Config team to ensure least privilege in Acadian’s federated identity systems, utilizing tools such as Saviynt, Okta and Microsoft Entra ID. Assist with federation of key enterprise applications as necessary.

· Build Security infrastructure in AWS using Terraform and Cloudformation, leveraging best practices such as multi-region and multi-Availability zone architecture with autoscaling.

· Assist with code governing configuration of an AWS-based global network, including third-party security tools such as Zscaler and Palo Alto Networks.

· Help the Information Assurance team support IT service delivery to Acadian business units 24x7 as part of an on-call rotation, including interaction with MSSP incident responders.

· Work with other IT delivery teams, including the Infrastructure Engineering team, to coordinate cross-team initiatives to achieve firm-wide goals and objectives to drive security projects.

· Document incident findings to help build our knowledgebase; Maintain a strong security posture over enterprise-wide platforms and systems; administer multi-layered technologies to monitor and protect data and equipment from attacks.

We’re Looking for Teammates With:

· Bachelor’s degree in computer science or a related field is required. CISSP, CISA, SANS GIAC, or relevant security certification(s) desired. Additional certifications such as CCNA/CCNP, AWS Security etc. desired.

· 10+ years of IT experience, ideally with some project management.

· Familiarity with AWS, infrastructure-as-code, firewalls, vulnerability assessment tools, DLP, TCP/IP, web content filtering, VPN, endpoint protection, password management/Vaults, log management and correlation, and device/application hardening.

· Understanding of API programming.

· Knowledge of scripting languages like Python.

· Knowledge of infrastructure automation technologies such as Cloudformation and Terraform.

· Strong interpersonal and communication skills.

· Demonstrated analytical and problem-solving skills.

· Ability to work with technical resources, communicate business requirements, set priorities, and manage expectations.

· Ability to multi-task and work on multiple projects.

· Experience with project management life cycle and application architecture.

· Experience in cryptographic technologies and their applications in secure e-mail, content security (for file and database protection), SSL/TLS, code signing, digital signature and digital rights management.

· Proficiency with MS-Windows, Linux, Networking, VMWare, AWS, Azure and M365 suite.

· Strong interpersonal skills to interface with management and staff at all levels within the organization as well as with business partners and vendors.

· Ability to work in a fast-paced and deadline-oriented environment. Self-motivated with critical attention to detail, deadlines and reporting.

Why Work Here:

Acadian is a quantitative investment firm where ideas are empowered by technology. Our team is made up of a diverse mix of professionals who thrive in a culture that fosters ingenuity through collaboration and transparency.  We offer a casual office environment, top-notch benefits, and excellent professional and personal development opportunities.

To apply for this position or view Acadian’s open roles, please visit the Careers section of our website at: http://www.acadian-asset.com/careers/Job-opportunities. We will contact only selected candidates.  If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at recruiting@acadian-asset.com.

Acadian Asset Management LLC is committed to providing equal employment opportunity to all employees and  applicants. No employee or applicant shall be discriminated against on the basis of gender, race, creed, color, sex, age, national origin, marital status, pregnancy or parenthood, veteran status, citizenship status, disability, gender identity, or sexual orientation.