About this Networking & Security Engineer role at Capula
We are seeking a hands-on Infrastructure & Security Engineer with deep expertise across security architecture, server, and network domains. Security is the core priority of this role. The successful candidate will take a leading part in strengthening and evolving the firm's security posture in response to an increasingly sophisticated threat landscape, including emerging risks associated with AI.
This is a technically demanding role that combines proactive security ownership with infrastructure delivery. The successful candidate will act as a security-first thinker across everything they touch, from day-to-day operations through to strategic infrastructure design, and will be expected to drive meaningful improvements to the firm's defensive capabilities.
This role is office-based and requires five days per week on-site presence.
Key Responsibilities
- Lead the firm's security operations function, owning threat detection, incident response, and vulnerability management end-to-end
- Monitor, triage, and respond to security events across the environment, including log analysis, anomaly detection, and threat hunting, with a strong awareness of modern and AI-enabled attack vectors
- Own and drive security hardening across all infrastructure — servers, endpoints, network devices, and cloud-adjacent systems — ensuring consistent application of best practices and compliance with security policies
- Design and implement secure infrastructure solutions, embedding security requirements from the outset rather than retrofitting them
- Conduct regular vulnerability assessments and penetration testing exercises, prioritising and remediating findings in a timely manner
- Manage and continuously improve security tooling, including SIEM, EDR, firewalls, IDS/IPS, and endpoint protection platforms
- Act as the escalation point for security-related incidents across 2nd and 3rd line, providing expert guidance and driving resolution
- Support and maintain network infrastructure including firewalls, switches, VPNs, and wireless systems (primarily Cisco-based), with a security lens on all configuration and change
- Operate across Windows and Linux (Red Hat/CentOS) environments, ensuring both are maintained to a consistent security baseline
- Collaborate with infrastructure and technology teams to embed security into project delivery and BAU processes
- Develop and maintain security documentation including incident response playbooks, SOPs, architecture diagrams, and runbooks
- Stay current with the evolving threat landscape, bringing proactive recommendations to improve the firm's security posture over time
- Participate in an on-call rotation to support critical systems and respond to security incidents outside business hours
Requirements
- Minimum 7+ years’ experience in infrastructure, networking, and security roles
- Strong hands-on experience with Windows Server and Linux (Red Hat/CentOS)
- Solid networking knowledge, including TCP/IP, VLANs, VPNs, DNS, DHCP, with practical experience in Cisco environments
- Demonstrated experience implementing and supporting security controls, including:
- Patch management and system hardening
- Endpoint protection and monitoring
- Identity and access management
- Good understanding of cyber security principles, including modern threat landscapes and evolving risks (e.g. automation and AI-driven attack vectors)
- Experience with virtualisation (VMware) and enterprise storage (SAN/NAS)
- Scripting or automation experience (e.g. PowerShell, Bash) is advantageous
- Experience in financial services or regulated environments is preferred
- Strong troubleshooting skills with a structured and analytical approach
- Able to balance BAU responsibilities with project delivery effectively
- A thoughtful and forward-looking mindset, with the ability to identify risks and propose improvements
- Clear and confident communicator, able to engage with both technical and non-technical stakeholders
- Self-motivated, accountable, and willing to take ownership of issues end-to-end
- Collaborative and adaptable, with a practical and solutions-focused approach