About The Job Tower Research Capital is a leading quantitative trading firm founded in 1998. Tower has built its business on a high-performance platform and independent trading teams. We have a 25+ year track record of innovation and a reputation for discovering unique market opportunities. Tower is home to some of the world’s best systematic trading and engineering talent. We empower portfolio managers to build their teams and strategies independently while providing the economies of scale that come from a large, global organization. Engineers thrive at Tower while developing electronic trading infrastructure at a world class level. Our engineers solve challenging problems in the realms of low-latency programming, FPGA technology, hardware acceleration and machine learning. Our ongoing investment in top engineering talent and technology ensures our platform remains unmatched in terms of functionality, scalability and performance. At Tower, every employee plays a role in our success. Our Business Support teams are essential to building and maintaining the platform that powers everything we do — combining market access, data, compute, and research infrastructure with risk management, compliance, and a full suite of business services. Our Business Support teams enable our trading and engineering teams to perform at their best. At Tower, employees will find a stimulating, results-oriented environment where highly intelligent and motivated colleagues inspire each other to reach their greatest potential. Role Summary You will own the day-to-day security operations that keep our on-premise and cloud based engineering stack running safely and smoothly. The position is hands-on: triage incoming tickets, perform user-lifecycle tasks, maintain policy configurations, facilitate third-party risk reviews, and follow through with internal and external clients until issues are fully resolved. Key Responsibilities Identity & Access Management (IAM) – User Lifecycle Management, maintaining roles(RBAC), entitlements, and policy violations in SailPoint IIQ, Okta (SSO, MFA, SCIM), and Keeper. Troubleshooting authentication/authorization failures and managing quarterly access certifications. Secrets & Key Management – Operating and tuning HashiCorp Vault, provision accounts, manage PKI/TTL policies, champion best practices. Secure Endpoint Management - Operating and Managing EDR / NDR to ensure the tools are configured as per industry best practices Secure Network Access – Administering Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) policies, SSL-inspection exceptions, and environmental health. Ticket & Workflow Governance – Monitoring inbound ticket queues, review access and change requests, and approve or decline workflows in line with internal security policies. Third-Party Risk Coordination – Facilitating vendor-led third-party risk assessments: act as primary liaison between the external assessment partner and internal system owners, gather evidence, track remediation items, and ensure assessments are completed on schedule. Client-Facing Communication – Owning ticket queues, status calls, and post-mortems; ensure SLAs are met and stakeholders remain informed. Required Qualifications 3+ years in security operations, IT ops, or IAM engineering. Hands-on admin experience with at least three of the following: SailPoint IIQ, Okta, HashiCorp Vault, Zscaler, Keeper, Duo, AWS IAM, Azure AD. Working knowledge of authentication protocols (SAML, OAuth 2.0/OIDC, Kerberos, LDAP) and network fundamentals (TCP/IP, TLS, DNS). Familiar with ITIL-based incident, change, and problem-management processes. Excellent written and verbal communication skills; able to run client calls and produce clear after-action reports. Preferred / Nice-to-Have SailPoint IdentityIQ or Okta Certified Professional/Administrator. Experience with zero-trust architectures or ZTNA products (Zscaler, Netskope, etc.). Exposure to secrets-as-a-service and dynamic secrets in HashiCorp Vault. Cloud-security certifications (AWS SAA/Security Specialty, AZ-500, or equivalent). Familiarity with GRC tooling (ServiceNow IRM, Archer) and evidence gathering for third party questionnaires and audits (SOC 2, ISO 27001). Familiarity in scripting/automation (PowerShell, Python, or Bash) and using REST APIs for integration or remediation. Core Competencies Customer Obsession: Close the loop with customers and internal partners. Drive to Learn & Share : Learn new technologies and contribute to overall growth of the team Operational Rigor: Value checklists, metrics, and continuous improvement. Bias for Automation: If you do it twice, script it. Benefits Tower’s headquarters are in the historic Equitable Building, right in the heart of NYC’s Financial District and our impact is global, with over a dozen offices around the world. At Tower, we believe work should be both challenging and enjoyable. That is why we foster a culture where smart, driven people thrive – without the egos. Our open concept workplace, casual dress code, and well-stocked kitchens reflect the value we place on a friendly, collaborative environment where everyone is respected, and great ideas win. Our Benefits Include Generous paid time off policies Savings plans and other financial wellness tools available in each region Hybrid working opportunities Free breakfast, lunch and snacks daily In-office wellness experiences and reimbursement for select wellness expenses (e.g., gym, personal training and more) Volunteer opportunities and charitable giving Social events, happy hours, treats and celebrations throughout the year Workshops and continuous learning opportunities At Tower, you’ll find a collaborative and welcoming culture, a diverse team and a workplace that values both performance and enjoyment. No unnecessary hierarchy. No ego. Just great people doing great work – together. Tower Research Capital is an equal opportunity employer. Show more Show less
