ninjatrader logo

Staff Cloud Security Engineer

ninjatrader Chicago, IL


No Relocation

Posted: July 8, 2026

Job Description

What you'll do:

As a Staff Cloud Security Engineer, you are the most senior individual contributor responsible for the security of our cloud platform. You will set the technical direction for how we secure workloads across Google Cloud Platform (GCP), design our edge and perimeter defenses using Cloudflare and Google Cloud Armor, and build the guardrails that enable engineering teams to move quickly without compromising security.

This is a hands-on, high-impact individual contributor role. You will not manage people but will establish engineering standards across the organization, influence company-wide architecture decisions, and serve as the senior technical authority during security reviews and incidents.

In this role you will:

  • Own the cloud security architecture across our GCP environments, including IAM and least privilege design, VPC Service Controls, Organization Policy, Shared VPC, Workload Identity, KMS/encryption, and Security Command Center
  • Design, deploy, and tune edge and application-layer defenses using Cloudflare (WAF, DDoS Protection, Zero Trust/Access, Bot Management, Rate Limiting) and Google Cloud Armor (Security Policies, Adaptive Protection, Rate Limiting, and Global Load Balancer integration)
  • Lead threat modeling and security architecture reviews for new services and major platform changes while balancing business velocity with security risk
  • Build security guardrails as code through policy-as-code, secure Terraform modules, and CI/CD security controls so secure defaults become the path of least resistance
  • Advance cloud detection and response capabilities by partnering with the SOC and Incident Response teams on logging pipelines, Chronicle/SIEM detections, and cloud-native alerting
  • Serve as a senior technical responder during security incidents, including investigation, containment, remediation, and post-incident hardening
  • Partner with GRC and Compliance teams to translate regulatory requirements such as ISO, SOC 2, SOX, and similar frameworks into scalable technical controls and evidence
  • Mentor senior and mid-level engineers while raising the overall security maturity of the engineering organization
  • Represent Cloud Security during cross-functional planning, architecture reviews, and strategic initiatives

What you'll need:

  • 8+ years of experience in security engineering, including at least 5 years focused on cloud security in production environments
  • Deep hands-on expertise securing Google Cloud Platform environments, including IAM, networking, VPC Service Controls, Security Command Center, KMS, and Organization Policy
  • Demonstrated production experience with Cloudflare, including WAF, DDoS Protection, Zero Trust/Access, Bot Management, and Google Cloud Armor
  • Strong Infrastructure-as-Code experience using Terraform and securing CI/CD pipelines
  • Proficiency in at least one programming or scripting language such as Python or Go for automation and tooling
  • Experience securing workloads within regulated industries and familiarity with frameworks such as PCI DSS, SOC 2, ISO, SOX, or similar
  • Demonstrated technical leadership and the ability to influence engineering teams without direct authority

Bonus points for:

  • Google Professional Cloud Security Engineer, CISSP, GCP Professional Cloud Architect, or similar certifications
  • Experience securing GKE/Kubernetes environments and container or software supply chain security
  • Multi-cloud experience across AWS and Azure
  • Experience building detection engineering or threat hunting programs
  • Previous experience in fintech, payments, trading, or other highly regulated financial environments

Compensation:

The salary range for this role will be $145,000.00 - $195,000.00 USD. In addition, this position will also receive an annual target bonus of 12%. Bonus pay at NinjaTrader is based on individual performance (50%) as well as company/team performance (50%).

Salary and bonus earnings are only two components of the total compensation package offered by NinjaTrader. NinjaTrader offers a 401K plan through ADP under which the company will match up to 3.5% of employee contributions. Annual paid time off allowance accrues at a rate of 23 days per year plus seven paid holidays.

Location:

This role is based in Chicago, IL. We are not open to remote candidates for this role.

Hybrid:

For Chicago-based employees, we follow a hybrid work schedule: In-office Tuesday through Thursday, with remote work on Mondays and Fridays. In addition to these weekly remote days, we offer:

  • 20 additional flex remote days annually
  • 5 Company Wide Office-Optional weeks tied to major holidays

Additional Content

What you'll do:

As a Staff Cloud Security Engineer, you are the most senior individual contributor responsible for the security of our cloud platform. You will set the technical direction for how we secure workloads across Google Cloud Platform (GCP), design our edge and perimeter defenses using Cloudflare and Google Cloud Armor, and build the guardrails that enable engineering teams to move quickly without compromising security.

This is a hands-on, high-impact individual contributor role. You will not manage people but will establish engineering standards across the organization, influence company-wide architecture decisions, and serve as the senior technical authority during security reviews and incidents.

In this role you will:

  • Own the cloud security architecture across our GCP environments, including IAM and least privilege design, VPC Service Controls, Organization Policy, Shared VPC, Workload Identity, KMS/encryption, and Security Command Center
  • Design, deploy, and tune edge and application-layer defenses using Cloudflare (WAF, DDoS Protection, Zero Trust/Access, Bot Management, Rate Limiting) and Google Cloud Armor (Security Policies, Adaptive Protection, Rate Limiting, and Global Load Balancer integration)
  • Lead threat modeling and security architecture reviews for new services and major platform changes while balancing business velocity with security risk
  • Build security guardrails as code through policy-as-code, secure Terraform modules, and CI/CD security controls so secure defaults become the path of least resistance
  • Advance cloud detection and response capabilities by partnering with the SOC and Incident Response teams on logging pipelines, Chronicle/SIEM detections, and cloud-native alerting
  • Serve as a senior technical responder during security incidents, including investigation, containment, remediation, and post-incident hardening
  • Partner with GRC and Compliance teams to translate regulatory requirements such as ISO, SOC 2, SOX, and similar frameworks into scalable technical controls and evidence
  • Mentor senior and mid-level engineers while raising the overall security maturity of the engineering organization
  • Represent Cloud Security during cross-functional planning, architecture reviews, and strategic initiatives

What you'll need:

  • 8+ years of experience in security engineering, including at least 5 years focused on cloud security in production environments
  • Deep hands-on expertise securing Google Cloud Platform environments, including IAM, networking, VPC Service Controls, Security Command Center, KMS, and Organization Policy
  • Demonstrated production experience with Cloudflare, including WAF, DDoS Protection, Zero Trust/Access, Bot Management, and Google Cloud Armor
  • Strong Infrastructure-as-Code experience using Terraform and securing CI/CD pipelines
  • Proficiency in at least one programming or scripting language such as Python or Go for automation and tooling
  • Experience securing workloads within regulated industries and familiarity with frameworks such as PCI DSS, SOC 2, ISO, SOX, or similar
  • Demonstrated technical leadership and the ability to influence engineering teams without direct authority

Bonus points for:

  • Google Professional Cloud Security Engineer, CISSP, GCP Professional Cloud Architect, or similar certifications
  • Experience securing GKE/Kubernetes environments and container or software supply chain security
  • Multi-cloud experience across AWS and Azure
  • Experience building detection engineering or threat hunting programs
  • Previous experience in fintech, payments, trading, or other highly regulated financial environments

Compensation:

The salary range for this role will be $145,000.00 - $195,000.00 USD. In addition, this position will also receive an annual target bonus of 12%. Bonus pay at NinjaTrader is based on individual performance (50%) as well as company/team performance (50%).

Salary and bonus earnings are only two components of the total compensation package offered by NinjaTrader. NinjaTrader offers a 401K plan through ADP under which the company will match up to 3.5% of employee contributions. Annual paid time off allowance accrues at a rate of 23 days per year plus seven paid holidays.

Location:

This role is based in Chicago, IL. We are not open to remote candidates for this role.

Hybrid:

For Chicago-based employees, we follow a hybrid work schedule: In-office Tuesday through Thursday, with remote work on Mondays and Fridays. In addition to these weekly remote days, we offer:

  • 20 additional flex remote days annually
  • 5 Company Wide Office-Optional weeks tied to major holidays