Cyber Risk Auditor

New York, New York, United States

Share with: Facebook Twitter Send to a friend

The mission of Two Sigma is to find value in the world's data. At our core we are a technology business. We use vast data sets from over a thousand diverse sources, advanced machine learning techniques, and scientific approaches to find critical connections that help drive the world's economy, safeguard the retirement savings of millions of people, and fund groundbreaking research.

At Two Sigma we fully embrace our "Nice Geeks" culture. Our facilities are designed to encourage people to come together and share ideas. Our personnel are rewarded for cross group collaboration and driving innovation. We also embrace fun and encourage play because we know giving our brains activity outside of our core jobs helps us be more creative and gain new insights that are relevant to our daily tasks.


Because we are looking for radical, novel, unique, inspiring, <insert adjective of your choice> solutions, we place a high premium on diversity. We need people who see the world from angles we don't, so we can ensure that our solutions are the best possible, for the greatest number of people possible. We also know that embracing diversity of all kinds leads to inspiration, which leads to innovation, which allows us to change the world. If you are passionate, and interested in joining us on this adventure, we would love to meet you.


The Two Sigma Cyber team is focused on pushing the boundaries of what is possible when we reevaluate traditional assumptions and embrace modern technology. Whether we are unlocking the potential of quantitative analysis, pushing the limits of zero trust, driving cloud infrastructure to new heights, or developing our own solutions to common authentication and authorization challenges, we embody a culture of proactive and transparent, innovation.

The Cyber Risk Auditor will report to the Cyber Risk Program Lead and will partner directly with the manager for Security Infrastructure & Operations, manager for Security Architecture, manager for Cloud Security, the Two Sigma Compliance team, and Engineering Group Leads. In a typical day, this role may:

  • Conduct internal audits of the cyber risk posture of Two Sigma systems;

  • Engage with external auditors;

  • Prioritize and drive remediation of identified risks;

  • Drive improvements to security capabilities;

  • Partner on automation of risk signal; and

  • Partner on modeling and quantitative analysis of risk based on automated signals.

This role will be responsible for articulating the current risk posture of Two Sigma and to guide investment/innovation to improve the risk posture of the firm. Successful execution of this role should eventually result in a real-time understanding of risk, threat analysis, and countermeasure effectiveness with strong signal fidelity. Outputs of the program should inform engineering and budget priorities across the firm.

This role will have the ability to influence the security state of Two Sigma, engineering priorities across the firm, and investor confidence in the firm.

Requirements to Apply for the Role:

  • Three years of experience working in some combination of cyber security auditing (internal or external), and/or cyber security consulting.

  • CISSP