HedgeServ is a fast-growing service-driven global administrator. We feature a unique technology platform with one of the most experienced service teams in the industry. HedgeServ provides a service solution for front office, risk, valuations, middle office, fund accounting, investor services and fund administration. Our services are completely customized for the needs of our individual hedge fund, fund of hedge funds and private equity fund clients. HedgeServ employs professionals globally across offices in New York, Dublin, London, Boston, Grand Cayman, Luxembourg, Sydney and Cork.

To find out more information about HedgeServ, please visit www.hedgeserv.com.

Job Description

The Senior Information Security Engineer is responsible for the development, implementation and operations of a comprehensive, enterprise-wide information security strategy and program for HedgeServ. S/he sets security policies, standards and processes and leads the development of enterprise-wide risk profiles; utilizes a risk-based methodology to inform work; anticipates threats and identifies potential impact; and serves as HedgeServ’s representative regarding security strategy and execution of HedgeServ’s security roadmap. The Senior Information Security Engineer will be responsible for utilizing and onboarding cutting edge security tools leveraging AI, ML, and adaptive analysis. Reporting to the Chief Information Security Officer, the Senior Engineer has duties that include but are not limited to:

• Develops and implements a risk management program for security and privacy-related areas, which includes modeling threats, identifying risks and vulnerabilities, establishing a risk analysis and mitigation plan, and reporting to executive management on both a regular and event-driven basis
• Leads a cross-functional security organization that may draw upon the resources and technical expertise from IT and other technology organizations
• Provides strategic and tactical security guidance for programs and projects that may involve security controls, including the evaluation of the enterprise architecture, hardware, software and technical controls
• Leads an enterprise information security incident response organization, provides oversight over security investigations, and assists with disciplinary and legal matters associated with security breaches and policy violations as necessary
• Works proactively with the IT Leadership team and their direct reports to assure strategic plans, security programs, and technical controls are aligned with their respective business strategies and in compliance with policies, applicable laws and regulations
• Coordinates the development and delivery of a security awareness training program for employees, contractors, and other parties.
• Coordinates the use of external third-party resources involved in the development, implementation and monitoring of the information security program, including performing penetration tests.
• Establishes a metrics-driven dashboard to evaluate the effectiveness of the Information Security program.
• Serves as a key thought leader in the field of Information Security, which includes working with key partners and vendors to develop thought leadership around policies, process, and capabilities that can help change or enhance the security strategy at HedgeServ
• Keeps informed of new technologies or application methodologies through publications, membership in professional organizations and contact with other IT organizations and institutions.
• Manage the Day-to-day administration of end-point protection / HIDS systems
• Security Analytics / event correlation systems administration, rules development, etc.
• Participate in the design and day to day administration of security systems that reflect state-of-the-art security best practices and compliance, ensuring a focus on balancing security effectiveness without introducing material operational friction – strong focus on DevOps and team enablement
• Developing, managing, and maintaining a posture of security practice / technology modernity with all systems under the purview of the global IT portfolio, includes, a server portfolio comprised of Windows and Linux systems on a range of X86/64 servers, the .NET and Java stacks, firewalls, ID/P (NIDS&HIDS), DLP, network-based AV, etc.