Senior Information Security Engineer

• Security Platform Engineering & Operations: Take a lead role in the management enhancement and maintenance of critical security infrastructure including our secure access and SIEM platforms. This involves creating and tuning policies developing detection logic managing data ingestion maintaining integrations and ensuring consistent performance while acting as a technical lead for troubleshooting.
• Threat Detection & Incident Response: Serve as a subject matter expert during security incidents leveraging our security stack to investigate and respond to threats. This includes evaluating common exploits network attacks and phishing techniques; performing basic malware analysis; and aligning all activities with our Incident Response Plan and the MITRE ATT&CK framework.
• Security Architecture & Strategy: Define security measures and reference architecture patterns in collaboration with Systems Architects across the business. Help manage traceability between business objectives and security strategy to continuously improve our security design development and deployment processes.
• Risk Management & Vulnerability Mitigation: Conduct comprehensive analyses to identify business-critical systems and applications. Identify analyze and resolve security deficiencies developing effective risk mitigation measures for our vulnerability and incident management programs and recommending corrective actions.
• Cloud & Third-Party Security: Contribute to the development of technical guidance and security principles for our cloud technology environments. Evaluate the security risks posed by third-party vendors and services developing and implementing effective mitigating strategies.
• Audit & Compliance: Participate in internal audits and security program initiatives to assess our security maturity. Help interpret and apply requirements from applicable standards and regulations (e.g. ISO 27001 NIST) to ensure our technologies and processes adhere to regulatory standards.
• Project-Based Security Deployment: Actively participate in projects to deploy new security technologies.
• Documentation & Best Practices: Develop and maintain clear concise documentation for security systems policies and procedures in our internal knowledge base. Champion security best practices across the organization.
• Proactively Secure Development Lifecycle: Focus on integrating security at every stage of software development to ensure that every release adheres to security best practices. Use tools and practices to identify vulnerabilities early and continuously.
• Information Security Evangelist: Be an information security leader and a partner within the developer community

• 5+ years of experience in an Information Security Network Engineering or Systems Engineering role with a strong security focus.
• Relevant security certifications (e.g. CISSP GIAC or other cloud/network security credentials).
• Demonstrated hands-on experience deploying and managing a leading SASE platform including its ZTNA Secure Web Gateway (SWG) and Cloud Access Security Broker (CASB) functions.
• Strong proficiency with a major SIEM platform (experience with modern cloud-native platforms is highly preferred). Must have experience with log ingestion parsing and engineering detection rules with advanced query languages.
• Deep understanding of core networking principles (TCP/IP DNS BGP IPsec) and firewall management.
• Broad experience across multiple IT domains demonstrating the ability to work effectively in a "small team" environment.
• Proficiency in a scripting language (e.g. Python PowerShell) for automation and integration.
• DevOps and Automation Skills as Nice to Have. Familiarity with CI/CD tools such as Jenkins GitLab CI or GitHub Actions is appreciated but not the focus-your goal is not to build or maintain these pipelines but to secure them.
• Familiarity with other common enterprise security tools such as: Endpoint Detection and Response (EDR) Identity and Access Management (IAM) vulnerability management solutions and Mobile Device Management (MDM).
• Must be available to participate in a 24x7 on-call rotation to support critical production systems and respond to security emergencies as needed.

What We Do

PEAK6 is not your typical investment firm. Here we build and invest in businesses that span from finance and insurance to esports and education — and we're always seeking new opportunities. We're not defined by one industry or market. We activate "what is" into "what ought to be" through world-class technology operational excellence and purposeful design. We're in the business of doing creating and building the world with innovation and democratization in mind. Our team of opportunistic thinkers are generating new ideas while constantly improving refining and activating past ones. At PEAK6 it's not just our investments that make use great but our people that make us valuable.

Why Work With Us

Ordinary doesn't apply here. We look for people who aren’t afraid to take chances who bet on themselves and do it with confidence. People that dream up big ideas and ways to execute them. Epic storytellers nimble problem solvers imaginative entrepreneurs and change-makers are all welcome.

Gallery