At HedgeServ, we’re redefining what’s possible in fund administration. With more than $700 billion in assets under administration, we partner with the world’s most forward-thinking investment managers – across private equity, private credit, endowments, hedge funds and more – to deliver seamless, tech-enabled solutions that drive performance.

Our proprietary platform, enhanced by machine learning and robotic process automation, gives clients real-time insights and unmatched control over their operations. Alongside our technology, we offer award-winning service through our team-based approach -- led by a deeply experienced team of industry experts. Our solutions span the full investment lifecycle, including fund accounting, middle office, risk, compliance, tax, and investor services.

We’re a future-focused company, empowering our people through a robust career development framework, clear career trajectories with structured learning paths, training, and progression plans. We invest in leadership development and in our collaborative culture, creating space for talent to grow. Our corporate values – Relationships, Support, Innovation, and Expertise – create a sense of shared purpose and belonging, and we recognize our employees sit at the core of our success. We continue to innovate and evolve through our employees, working together to achieve our shared vision and mission.

HedgeServ supports employees through a variety of offerings, including remote and hybrid working arrangements, and fully paid comprehensive health and well-being benefits. We’ve been recognized as an employer of choice, earning a top 100 workplaces designation.

Founded in 2008, HedgeServ has grown into a global organization with over 2,000 experts across the globe, with offices in the United States, Grand Cayman, Ireland, Poland, Bulgaria, Luxembourg, the Philippines, and Australia. We’ve earned numerous accolades, including Top Overall Administrator, along with #1 rankings for providing alternative asset services in Accounting, Technology, Client Service, Investor Services, Alternative Fund Expertise, Reporting, and Regulatory Expertise.

Job Description

The Cloud Information Security Engineer is responsible for the development, implementation, and operations of a comprehensive, enterprise-wide information security strategy and program for HedgeServ, focusing on our cloud environments. They create security policies, standards, and procedures. They utilize a risk-based methodology to anticipate threats and identify potential impact and serve as HedgeServ’s representative regarding cloud security strategy and execution of HedgeServ’s cloud security roadmap. The Engineer has duties that include, but are not limited to:

• Cloud-first and Cloud-native approach to security, with a deep understanding of best practices

• Develops and implements a risk management program for security and privacy-related areas, which includes modeling threats, identifying risks and vulnerabilities, establishing a risk analysis and mitigation plan, and reporting to executive management on both a regular and event-driven basis

• Provides strategic and tactical security guidance for programs and projects that may involve security controls, including the evaluation of the enterprise architecture, hardware, software, and technical controls

• Works proactively with the IT Leadership team and their direct reports to assure strategic plans, security programs, and technical controls are aligned with their respective business strategies and in compliance with policies, applicable laws, and regulations

• Coordinates the use of external third-party resources involved in the development, implementation, and monitoring of the Cloud Information Security program, including performing penetration tests.

• Establishes a metrics-driven dashboard to evaluate the effectiveness of the Cloud Information Security program.

• Serves as a key thought leader in the field of Cloud Information Security, which includes working with key partners and vendors to develop thought leadership around policies, processes, and capabilities that can help change or enhance the Cloud Security Strategy at HedgeServ

• Keeps informed of new technologies or application methodologies through publications, membership in professional organizations, and contact with other IT organizations and institutions.

• Participate in the design and day-to-day administration of security systems that reflect state-of-the-art security best practices and compliance, ensuring a focus on balancing security effectiveness without introducing material operational friction – strong focus on DevOps and team enablement

Pre-requisite knowledge, skills, and experience:

• 5+ years of experience in the information technology field or similar

• 5+ years of experience with multiple cloud environments, including (but not limited to) AWS

• Excellent interpersonal and written communication skills

• Experience with projecting and controlling Cloud spend

• Detail-oriented and strong documentation experience

Technical Responsibilities/Qualifications:

• Securing communications, applications, and business systems

• Performance of cloud risk assessments

• Oversee drafting of policies and procedures for secure daily cloud operations Planning, testing, and managing disaster recovery and security breaches Understanding of governance and compliance, as well as the ability to enforce policies

• Incident management and investigation Understanding of threat landscape and ability to analyze risk across a dispersed portfolio

• Familiarity with Cyber Security frameworks, including NIST and ISO Security Architecture/Engineering

• Experience implementing security frameworks such as ISO, NIST, SANS top 20, and OWASP

• Forward thinking, proactive approach to security Self-starter, resolution-minded, outside the box thinker and doer

• Must have a sense of urgency and the ability to shift priorities as needed

Below certifications are preferable:

• Certified Information Security Systems Professional (CISSP)

• Certified Information Systems Auditor (CISA)

• AWS Certified Security – Specialty (CSC-C02)