Information Security Engineer

Date: Jun 9, 2026

Location: Chicago, IL, US, 60606

Company: National Futures Association

NFA is purpose-driven. We safeguard the integrity of the derivatives markets, protect investors and ensure that our Members meet their regulatory obligations. We take pride in our work; maintain a conviction to do the right thing; empower each other; and support our community. Envision your career in a place where performing critical regulatory work within the financial industry is as significant as the passionate and talented individuals with whom you work.

When you join NFA as an Information Security Engineer, you'll play a critical role in protecting the organization's infrastructure, systems and data through proactive security engineering and operational excellence.

Bring your analytical and innovative mindset to help strengthen NFA's security posture by advancing detection capabilities, implementing modern security frameworks and supporting a resilient and secure environment.

Beginning your first day and throughout your career at NFA, you will work alongside a collaborative team to identify risks, implement security controls and support initiatives focused on infrastructure hardening, zero trust architecture, and data security. This role is ideal for a security professional who enjoys solving complex challenges and staying ahead of emerging threats. The engineer will partner with platform owners, IT operations, cloud teams, and other stakeholders to deploy and validate controls, engineer detections, and ensure resilient, auditable security baselines across the enterprise.

What you'll do:

As an Information Security Engineer at NFA you will support security initiatives across the entire organization and advance modern strategies focused on zero trust principles, operational reliability, data protection, and proactive risk mitigation. These responsibilities include:

  • Engineer, deploy, and maintain security telemetry pipelines (SIEM/SOAR, EDR/XDR, NDR, IDS/IPS); continuously tune for signal fidelity and performance.
  • Normalize and correlate endpoint, identity, network, and cloud logs to support high‑confidence detections and investigations.
  • Establish secure configuration baselines for operating systems, endpoints, servers, containers, Kubernetes clusters, and network devices; validate with configuration compliance tooling.
  • Integrate baseline compliance into CI/CD and change management processes.
  • Design and implement detection logic/use cases mapped to adversary TTPs (e.g., MITRE ATT&CK); author high‑signal rules/playbooks and iteratively reduce false positives.
  • Support incident response by engineering containment and eradication steps (segmentation, identity controls, endpoint isolation, patching, hardening) and feed lessons learned back into controls.
  • Implement guardrails (policy‑as‑code), preventive/detective controls (CSPM/CNAPP), and cloud‑native logging across accounts/subscriptions/projects.
  • Enforce least privilege for service principals/managed identities and automate secrets management; secure workloads, containers, and CI/CD supply chains (signing, SBOM, provenance).
  • Design and enforce conditional access, strong MFA, just‑in‑time/just‑enough‑admin, and privileged access workflows; integrate identity signals into detections and automated response.
  • Implement identity threat detection and response (ITDR) for risky sign‑ins, token misuse, delegated access abuse, and automated remediation.
  • Establish data classification/tagging; deploy endpoint, email, and cloud DLP controls and drive detections for exfiltration and over‑permissioned data stores.
  • Implement encryption at rest/in transit with lifecycle key management; validate secure egress/ingress controls.
  • Design and tune SASE/SSE policies to protect SaaS usage and remote access; integrate device posture and identity signals; validate policy efficacy via attack simulations.
  • Build resilience in security components: infrastructure‑as‑code drift detection, control health monitoring, backup/restore testing, and evidence automation for audits; embed security in CI/CD pipelines.
  • Develop AI‑specific incident response playbooks; integrate AI threat intelligence into hunting and detection workflows; align practices with leading guidance (e.g., NIST AI RMF, OWASP Top 10 for LLMs, ISO/IEC 42001).

 

What we are looking for:

We're seeking an Information Security Engineer with experience across infrastructure, network security, cloud platforms, and enterprise architecture, along with a strong understanding of detection and response, infrastructure hardening, zero trust principles, data security, and operational reliability within complex organizations. Additional qualifications include:

  • 5+ years in security engineering or closely related roles (cyber defense infrastructure, detection engineering, vulnerability management, incident response support).
  • Proficiency in scripting/automation (e.g., Python, PowerShell, Bash) and infrastructure‑as‑code; experience integrating security controls into CI/CD and operational workflows.
  • Demonstrated detection engineering capability (authoring detection logic/playbooks, ATT&CK‑mapped use cases, false‑positive reduction) across heterogeneous telemetry sources.
  • Solid understanding of Zero Trust, SASE/SSE, identity threat detection/response, and data protection/DLP concepts.
  • Familiarity with AI/ML fundamentals and adversarial threat taxonomy (prompt injection, poisoning, evasion, inference attacks).
  • Experience with one or more of the following tools and ecosystems preferred: Microsoft Sentinel (SIEM/SOAR), Microsoft Defender XDR, Intune, Purview (DLP/Insider Risk), Entra ID/Active Directory (hybrid), Azure security services/policies, and Palo Alto Prisma (SASE: ZTNA, SWG, CASB).
  • Detection rule authoring languages and query frameworks: KQL, Sigma, SPL; familiarity with SOAR playbooks and API integrations preferred.
  • Preferred industry certifications include SC‑200, AZ‑500, SC‑100, SC‑400, MD‑102, MS‑102; PCNSA/PCNSE; GIAC (GCTI, GCFA, GMON); AI/Responsible AI training aligned to NIST AI RMF / OWASP LLM Top 10 / ISO/IEC 42001.

The salary for this position is $117,300 to $204,000.

To learn more about NFA and the benefits we offer, please visit: What We Offer | National Futures Association

Customers and market participants depend on NFA to act with integrity and impartiality as it carries out its mission of safeguarding the markets and protecting investors. Therefore, NFA employees have a responsibility to conduct themselves according to high ethical standards, and must abide by NFA's Code of Professional Conduct. Learn more about the Code of Professional Conduct.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

