HC Technologies is a premier algorithmic and discretionary trading firm with a specialty in the Foreign Exchange and Futures markets. With offices in Chicago, New York and London, we unite talented individuals with innovative technology and robust risk management to identify trading opportunities within the global marketplace. HC Technologies is ranked number one in Euromoney's 2018 FX survey for market share in the Americas region and is a direct trading member of the CME Group exchanges, ICE Europe, ICE US, and Eurex.
The infrastructure team is globally responsible for all technology and systems engineering functions for the firm. The team bridges the gap between Quants and the underlying technology essential for optimal performance in the market. The team is composed of full-stack engineers with specializations covering: systems, UNIX, networking, client/venue connectivity, estate management, performance tuning, cloud, and big data. Our team is highly collaborative with complementary skills and experience.
The Network Architect is a unique opportunity to work with cutting-edge technology in FinTech and challenge yourself to grow on a daily basis. This is a full-time opportunity for someone who is well versed in a variety of networking and systems topics. You will report to the Head of Infrastructure in our New York office and work within the broader infrastructure organization as a member of our networking team.
In this role you will act as a Networking Subject-Matter-Expert, you will apply a variety of skills that involve in-depth networking, routing, switching, and firewall experience. We are seeking an excellent communicator who can help architect/administer/support our global network across the New York, Chicago, and London & Frankfurt offices and data centers. You will be responsible for ensuring the network is up to date, optimized, and is able to work with no unexpected downtime to support our real-time trading infrastructure. You will need to have subject matter expertise in various protocols (OSPF/BGP/TCP/IP), Multicast, low-latency environments, VPN, and VLAN technologies.
The successful candidate will be able to multitask in a dynamic environment, demonstrate strong analytical/communication skills, and professionalism while handling these tasks. You must be a self-starter and enjoy working in a small team environment. The right candidate will also take initiative and continually offer ideas and input on improving or optimizing the network infrastructure. You will be on the front line maintaining and expanding the capabilities of HC|Tech's technology stack and specifically trading systems.
All members of the infrastructure team:
- Must have skills in the following four core areas: NETWORKING, PROGRAMMING, LINUX & SECURITY to various degrees.
- Participate in operational support and deployment activities including non-core hours/work as part of 24/7 on-call rotation.
- Will take ownership of their respective specializations and push the technology envelope in alignment with the business.
- Participate in team activities with the aim of improving team skills, knowledge and quality of work.
Networking SME (required):
- CCNP+ skill set ideal - with a slant towards CCDE.
- Low-latency DWDM, Optical Networking, Microwave, Millimeter, FPGA (Altera, Xilinx).
- Solid Networking skills (Layer 1 technologies, switches/routers, SNMP), advanced knowledge of OSPF, BGP, PIM, TCP/IP, Multicast.
- Ability to analyze packet dumps, multicast routing on hosts, packet filtering.
- Experience with Arista, Cisco, and Metamako, Exablaze, ASIC (Barefoot, Broadcom, Cisco).
- Deep understanding of L3 routing protocols with expert knowledge of BGP and OSPF. You will have strong experience with traffic engineering and path manipulation. Preferably in large enterprise environments.
- Expert level knowledge of L2 protocols. This candidate will be able to explain in detail how the L2 processes and loop prevention works and the knobs used to optimize them.
- Must have strong multicast routing experience in both troubleshooting and design. This will include expert understanding of IGMP and PIM. You will demonstrate the ability to apply common security and traffic engineering practices to multicast routing.
- Ability to analyze business requirements and convert them into network design. You must be able to explain complex technical solutions in clear concise language easily interpreted by non-technical staff.
- Knowledge of fortinet security solutions, including firewalls, fortimanager and forti-authenticator a plus
- Experience troubleshooting and building VPN solutions, including , IPSEC and DMVPN
- Must be willing to travel to colocation facilities on occasion. This would include but not limited to installations, decommissioning and troubleshooting.
- The right candidate will be eager to design complex network solutions and work on strategic projects while also happy to assist in day-to-day operational work required to keep the entire infrastructure running smoothly
- Experience with common network management and automation platforms such as salt, ansible and librenms
- Knowledgeable in AWS and GCP networking solutions with focus on IPSEC and BGP.
Soft skills (required):
- Ability to prioritize day-to-day activities for projects and critical support requests.
- Able to multitask and work on complex cross-discipline deliverables independently
- Strong written and oral communication (can distill complex technical content into easily understandable statements for all audiences)
- Bachelor's degree in Computer Science or Engineering or commensurate experience
Linux (highly desired):
- Ability to create robust testing and certification processes to comprehensively evaluate the impact of hardware changes, tunables, and system SW updates to the application stack.
- Deep understanding of the Linux kernel including: kdb, OS tuning, IRQ and IRQ affinity, virtual memory, VFS, IPC, network, process scheduling, and processor sets/cgroups.
- Proficiency in C (read and debug source code) to troubleshoot kernel-space issues.
- Ideal experience with USE Method to address complex performance problems.
- In-depth working knowledge of Linux patch management and related information security functions (iptables, hardening, tripwire)
- Host-based routing, bonds (ARP vs Link)
Security (highly desired):
- Experience with authentication and encryption technologies like SSL, Kerberos, and GSSAPI.
- Familiarity with vulnerability scanning tools: Qualys, Nmap, and Nessus - Alert Logic is a plus
- Working knowledge of industry best practices with regards to information security
- Advanced knowledge of Stateful Firewalls (Fortinet), ACLs, etc
- Ability to perform penetration testing across full technology stack.
Programming (highly desired):
- Programming/Scripting - Python (for automation, and non-performance centric), Bash, etc.
Monitoring (highly desired):
- System and Network Monitoring. Packet Brokers/Matrix-Switches, Optical Taps, Corvil - CCA/CCE
Time Sync (highly desired):
- Working knowledge of CDMA, GPS, PTP, NTP
- Competitive base salary and bonus
- Excellent benefits that include robust medical, dental, life insurance, 401K, and vision plans
- A casual and open work environment without cubicles, WFH opportunities
- Plenty of snacks, coffee/espresso, and catered lunches every Friday
- Quarterly team building exercises
- Ability to partake in offsite charities and community service events