The Security Department’s mission is to protect Bridgewater. We secure the investment engine, which manages over $160 billion in assets for global institutional clients, as well as various business operations functions. We constantly evolve our cyber, physical, and staff security practices to meet the business needs and stay ahead of the changing threat landscape.
Embedded Security is a forward deployed team of security professionals that leverage central security services to enable and audit security within different Bridgewater departments. Embedded teams develop a deep understanding of the business’ assets, technology, and processes, partner to secure them, and act as a liaison between the business and Security. Some departments have advanced technology teams that develop and operate multiple platforms and applications, requiring a solid technology bench on the Embedded Security team.
What You’d be Doing
The Technology Security Lead (TSL) is the business’ main partner for protecting their digital and technology assets, including data, infrastructure, endpoints, applications, and technology services. TSLs act a bridge between Security and the business. They work with technologists (e.g., architects, engineers, developers, technology managers) and business management to integrate Security to the business’ technology strategy. They partner with Security auditors and assessors to help the business identify, interpret, and implement applicable security standards in a way that enables and protects the business. When necessary, they shepherd the business through risk governance processes to ensure appropriate risk acceptance and tolerance.
Additionally, TSLs play a critical role in communicating the business’ technology current state and strategy to Security so our controls portfolio can properly evolve and support their technology in the long term.
Their days range from operating day-to-day processes that support rugged agile development and deployment of new technology to designing and executing highly visible strategic initiatives to strengthen the business’ security posture.
You’d click for this role…
…If you’re an expert in:
- Security technologies and controls
- Network, endpoint, and application security practices
- Cloud security management and enforcement
- Cloud services providers and infrastructure platforms
- Industry standard security practices
- Cyber security threats and vulnerability landscape
- Risk management methodologies
- Working knowledge of common programming languages and platforms
…If you’re great at:
- Building and managing business relationships
- Assessing the security of network architecture
- Analyzing, prioritizing, and communicating risk
- Leading complex technology initiatives and security enhancement projects
- Cultivating collaborative relationships with a broad range of stakeholders (e.g., senior leaders and operators, technologists and non-technologists)
- Quickly, decisively, and deliberately reacting in urgent, high-visibility situations
- Communicating complex and technical issues to diverse audiences in an easily-understood, authoritative, and actionable manner
…If you’re able to:
- Quickly learn about the business, its technology, and risks
- Logically evaluate and prioritize risks
- Practically and resourcefully solve problems
- Reliably and independently get work done
- Partner with colleagues to develop a strategic vision
- Strategically balance business needs and security requirements
- Empathize and collaborate with colleagues who have competing priorities
- Calmly and reasonably resolve issues and conflict
- Confront ambiguous situations head on
You’ll be into this if you:
- Thrive in demanding, fast-paced environments that require you to think strategically as well as join your team in the trenches to solve problems.
- Are passionate about the importance of security, and want to partner with colleagues who need your expertise.
- Enjoy exposure to a breadth technology through involvement in various technology projects.
- Have a strong ownership mentality and drive for results.
- Value truth, openness, and pursuing excellence.
Boxes to check:
- 10+ years of relevant security or technology “hands on” experience, including infrastructure and application security
- Experience securing complex technology projects, including cloud migration
- Educational background or professional equivalency in Computer Science, Information Systems, Technology Engineering or Architecture, or a related field
- Preferred: experience in a high discretion, classified environment
Bridgewater Associates is focused on understanding how the world works. By having the deepest possible understanding of the global economy and financial markets, and translating that understanding into great portfolios and strategic partnerships with institutional clients, we've built a distinct track record of success. We've done this for more than 40 years by having great people operate in a culture of radical truth and radical transparency. Today, we manage about $160 billion for approximately 350 of the largest and most sophisticated global institutional clients including public and corporate pension funds, university endowments, charitable foundations, supranational agencies, sovereign wealth funds, and central banks.
Please note that we do not provide immigration sponsorship for this position.
Bridgewater Associates, LP is an Equal Opportunity Employer.