Senior Product Security Engineer

Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors.

Your future role within QRT

The Senior Product Security Engineer at Qube Research & Technologies (QRT) will spearhead initiatives to protect QRT's core trading infrastructure from cyber threats. This role involves championing secure design principles, fostering trust-based partnerships, and working collaboratively with engineering and product teams to integrate security considerations and implement best practices into the design and development stages.

Additionally, this role focuses on identifying vulnerabilities across AWS environments, on-prem infrastructure, data stores, and enterprise applications. You will lead and execute red-team exercises, simulate real-world attack scenarios, and collaborate cross-functionally to strengthen our security posture.

As the security team, our top priority is to ensure that our data and assets are safeguarded using controls, which do not disrupt the business, but act as an enabler. We work across many stakeholders in the company, including IT, Cloud and Engineering.

Responsibilities:

• Define, implement, and validate security controls and reference architectures across on-prem, cloud, and colocation; perform configuration reviews and compliance checks against baselines and industry/regulatory standards.
• Conduct threat modelling and technical risk assessments to validate resilience against emerging threats.
• Perform security code reviews and drive remediation before release.
• Embed and validate security controls across the SDLC by partnering with engineering and product to integrate security tooling/processes and resolve design/development risks; provide expert guid-ance on application, network, and cloud security.
• Plan and execute offensive security activities—penetration testing, red-team exercises, and ex-ploit/post-exploitation development—and hands-on testing of pre-production/production assets and configurations.
• Provide assurance reporting on security posture, gaps, and recommendations for continuous im-provement.
• Contribute to security research, tool development, and automation; stay current with emerging threats and best practices.
• Educate and train teams on security awareness and best practices
• Participate in brand-building initiatives (blogs, talks, college events, open source)

Requirements:

• 5 - 10 years of experience in product security / security architecture, security research and pen-testing role.
• Deep understanding of security principles, techniques, and technologies related to software and product security.
• Experience with threat modelling, risk assessment, and the development of mitigation strate-gies.
• Strong technical background in software development and security, with proficiency in pro-gramming languages and security tools.
• In depth knowledge of application, network, cloud and platform security vulnerabilities.
• Strong focus on reviewing technical designs and functional requirements to identify areas of Se-curity weakness.
• Ability to explain vulnerabilities to developers
• Excellent problem-solving, communication, and leadership skills and ability to influence through factual reasoning.
• Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking.
• Ability to adjust communication of technology risks vs business risks based on the audience.
• Previous experience in Financial Services is preferred.

To be considered a good cultural fit, you should be: 

• Humble, curious and hungry to learn. 
• A flexible and reliable team player who enjoys working in a collaborative environment. 
• A strong communicator with good interpersonal skills for collaboration with colleagues across the firm globally. 

QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.