The Senior Security Engineer is responsible for ensuring the security of TCW. The individual in this position will work to successfully develop, implement, and maintain key functions of the Information Security Program, and serve as a member of the incident response team. Ideal candidate must have deep knowledge in essential security practices, with deep expertise in vulnerability management, security operations, and incident response functions. The successful candidate should excel at collaborating across multiple teams to drive remediation of security issues, and serve as a leader for team members. Ability to communicate effectively across the business and technology at all levels in the organization is required.

• Develop and maintain a robust vulnerability management program. This involves identifying, assessing, and prioritizing vulnerabilities across the organization’s infrastructure.
• Conduct risk assessments for existing and new systems, recommending solutions to reduce exposure areas.
• Oversee the organization’s penetration testing and threat hunting programs to proactively identify opportunities to improve the organization’s security posture.
• Lead the Security Operations Center (SOC) team, ensuring timely detection and response to security incidents.
• Coordinate incident response efforts with cross-functional teams to mitigate security breaches.
• Prepare reports and analytics for management to demonstrate the security posture of the organization.
• Implement and maintain solutions to enable forensic analysis and investigations.
• Collaborate with cross-functional teams to develop and refine the patch management process
• Engineer and manage data protection solutions, providing recommendations to continually enhance the organization’s capabilities.
• Rotating on-call schedule required.

• Bachelor’s Degree in Computer Science or a related field, or equivalent work experience
• 6+ years of experience in the information security industry, with at least 4 years in a senior leadership role directly supervising staff
• Advanced knowledge of essential security practices, such as vulnerability and patch management, incident response, and endpoint protection
• Familiarity with industry frameworks such as NIST CSF, ISO 27001, SOC 2 Type II, etc.
• Strong technical foundation, including security architecture, threat modeling, vulnerability assessments, and cloud security

• Strong communication skills: This role must communicate with various stakeholders including business leaders, clients, team members, engineers, regulators, and legal counsel
• Problem-solving and decision-making abilities
• Strong leadership and interpersonal skills

• Experience working in the financial services industry