The Security Department’s mission is to protect Bridgewater. We secure the investment engine, which manages over $160 billion in assets for global institutional clients, as well as various business operations functions. We constantly evolve our cyber, physical, and staff security practices to meet the business needs and stay ahead of the changing threat landscape.
Embedded Security is a forward deployed team of security professionals that leverage central security services to enable and audit security within different Bridgewater departments. Embedded teams develop a deep understanding of the business’ assets, technology, and processes, partner to secure them, and act as a liaison between the business and Security. Some departments have advanced technology teams that develop and operate multiple platforms and applications, requiring a solid technology bench on the Embedded Security team.
What You’d be Doing
The Technology Security Lead (TSL) is the business’ main partner for protecting their digital and technology assets, including data, infrastructure, endpoints, applications, and technology services. TSLs act a bridge between Security and the business. They work with technologists (e.g., architects, engineers, developers, technology managers) and business management to integrate Security to the business’ technology strategy. They partner with Security auditors and assessors to help the business identify, interpret, and implement applicable security standards in a way that enables and protects the business. When necessary, they shepherd the business through risk governance processes to ensure appropriate risk acceptance and tolerance.
Additionally, TSLs play a critical role in communicating the business’ technology current state and strategy to Security so our controls portfolio can properly evolve and support their technology in the long term.
Their days range from operating day-to-day processes that support rugged agile development and deployment of new technology to designing and executing highly visible strategic initiatives to strengthen the business’ security posture.
You’d click for this role…
…If you’re an expert in:
- Security technologies and controls
- Network, endpoint, and application security practices
- Cloud security management and enforcement
- Cloud services providers and infrastructure platforms
- Industry standard security practices
- Cyber security threats and vulnerability landscape
- Risk management methodologies
- Working knowledge of common programming languages and platforms
…If you’re great at:
- Building and managing business relationships
- Assessing the security of network architecture
- Analyzing, prioritizing, and communicating risk
- Leading complex technology initiatives and security enhancement projects
- Cultivating collaborative relationships with a broad range of stakeholders (e.g., senior leaders and operators, technologists and non-technologists)
- Quickly, decisively, and deliberately reacting in urgent, high-visibility situations
- Communicating complex and technical issues to diverse audiences in an easily-understood, authoritative, and actionable manner
…If you’re able to:
- Quickly learn about the business, its technology, and risks
- Logically evaluate and prioritize risks
- Practically and resourcefully solve problems
- Reliably and independently get work done
- Partner with colleagues to develop a strategic vision
- Strategically balance business needs and security requirements
- Empathize and collaborate with colleagues who have competing priorities
- Calmly and reasonably resolve issues and conflict
- Confront ambiguous situations head on
You’ll be into this if you:
- Thrive in demanding, fast-paced environments that require you to think strategically as well as join your team in the trenches to solve problems.
- Are passionate about the importance of security, and want to partner with colleagues who need your expertise.
- Enjoy exposure to a breadth technology through involvement in various technology projects.
- Have a strong ownership mentality and drive for results.
- Value truth, openness, and pursuing excellence.
Boxes to check:
- 10+ years of relevant security or technology “hands on” experience, including infrastructure and application security
- Experience securing complex technology projects, including cloud migration
- Educational background or professional equivalency in Computer Science, Information Systems, Technology Engineering or Architecture, or a related field
- Preferred: experience in a high discretion, classified environment
Bridgewater manages global investments for a wide array of institutional clients, including foreign governments and central banks, corporate and public pension funds, university endowments and charitable foundations. Bridgewater is a highly entrepreneurial company, driven to success by: its process, its people, and its culture. At Bridgewater, we have invented, and keep inventing, superior approaches to investing and technology. We have fueled this innovation by recruiting talented, creative people from all backgrounds and promoting an invigorating and collaborative work environment. We are committed to the constant pursuit of excellence, and the belief that a meritocracy of ideas, not hierarchies, drives decision-making. Bridgewater is based in Westport, Connecticut.