Lead Security Engineer

Please note that we will only be able to accept candidates who have the appropriate rights and documentation for employment in India. 
 

We want to inform all prospective candidates that Axi's designated Employer of Records (EOR) in India is Multiplier. As part of our commitment to legal compliance, all Axi India employees will be officially working under Multiplier India (usemultiplier.com). 

 

Who we are? 

Axi is a leading global provider of margin and deliverable Foreign Exchange, Contracts for Difference (CFDs), and Financial Spread betting. Our business has evolved into a world-class, multifaceted brokerage with offices in six regions. With heavy investment in the latest trading technology, Axi seeks to offer the most comprehensive end-to-end trading experience available, servicing traders of all levels from beginners to institutional-level clients.  

 

Let's talk about the cool stuff you will do at Axi! 

At Axi, we are building DevOps and Site Reliability Engineering Teams to deliver, maintain and operate our cloud-based technology products. Team members will have enacted product ownership roles but also be expected to have a breadth of skills to contribute to our overall technology delivery lifecycle. 

This role will develop, maintain and implement security and control policies through automation and DevSecOps best practices. To work in close collaboration with technology teams through all areas of the development and operations to ensure that Axi, it’s network, systems and data, is kept safe and secure from unauthorised access and nefarious actors. 

The successful candidate will have a lead role in security technology selection, deployment and ongoing management for mission critical production services. As lead for security implementation and management, you will also be the technical liaison for any recertification with external security auditors. This role requires excellent written and oral communication skills as you will be interfacing with Axi’s management and internal functional teams at all levels. 

 

Your EDGE Assignment/You Will 

• Operate as a core member of the Technology team and the owner for our Security Framework across our network perimeter, internal access / endpoints, and data.  

• Lead projects through design, pilot and deployment for new security solutions across multi-vendor cloud environments.  

• Create Security Solution Patterns in order to execute repeatable, consistent deployment solutions 

• Implement, configure, and upgrade cloud computer systems, servers, firewall, intrusion-detection and network infrastructure using security best practices and incorporating solutions to meet or exceed SOC2, ISO 27001, and other regulatory requirements. 

• Review implementation of security controls and evaluate effectiveness, make recommendations for improvements and execute against those recommendations 

• Research security trends and emerging technologies, identify our business and technical requirements, perform technical evaluation and support deployment of multi-regional security solutions. 

• Develop a strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, i.e. ISO 27001 

• Keep abreast of security incidents and act as primary control point during information security incidents 

• Contribute to Continuous Integration and Continuous Deployment (CI/CD) solutions 

• Contribute to automation of our code delivery pipeline with the goal of one click deployments, rollbacks, and parameterized builds, advising developers on best security practices. 

 

 

Are you the one? 

You need to have the following skills. 

• 10+ years security administration experience covering network, cloud, data, identity and associated infrastructures.  

• Knowledgeable in PCI, HIPAA, SOC, or ISO 27001 security compliance standards, certification, reporting and maintaining process 

• Well versed in internet architectures, including web, application, and database components such as IIS, memcache, MySQL, SQL Server, etc. 

• Experience with Cloud Service Providers (Azure & AWS) capabilities and architectural best practices, as well as experience implementing security mechanisms and controls in a cloud environment. 

• Solid understanding of TCP/IP network protocols and experienced with firewalls, NAT, packet analysis and tools managing server 

• Familiarity with security forensics and analysis of security threats and events and able to perform vulnerability scans, analyse results and assist with remediation. 

• Experience of CI/CD processes and tools, and secure SDLC preferred 

• Coding experience with Terraform, Python, or other IAC tools is highly desirable 

• Strong oral and written communication skills, in English, with ability to understand technology sufficiently to clearly communicate the complexity in simple terms for key stakeholders 

• Exposure to DevOps and Agile ways of working  

• Bachelor’s degree in Computer Science, Engineering, or a related field. 

 

 

Axi's bag of delights 

• Competitive and attractive compensation. 

• Extensive learning opportunities, such as professional training and certifications and soft skills development. 

• 18 annual leave days per year. 

• 12 sick days leave per year. 

• Public holidays as declared by local government. 

• Maternity leave as per law. 

• Health Insurance. 

 

 

Axi's interview journey 

• Talent Acquisition Interview (30 minutes) 

• Culture Interview (30 minutes) 

• Technical Interview (90 minutes) 

• Hiring Manager Interview (30 minutes) 

 

Please note that our organization works with recruitment agencies on a pre-approved basis only. A recruitment agency that wishes to submit candidate profiles or resumes for consideration must obtain prior written consent from our talent acquisition team. We do not accept unsolicited resumes from recruitment agencies, and we will not be responsible for any fees related to unsolicited resumes. Should we receive an unsolicited resume from a recruitment agency that does not have prior written consent, we will not be responsible for the payment of any fees related to the recruitment of the candidate represented in the unsolicited resume.