Senior Product Security Engineer

Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology and trading expertise has shaped QRT’s collaborative mindset which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors. 

Your future role within QRT

• Support the implementation of security controls and processes for product security, focusing on a broad range of systems, including core trading infrastructure, cloud services, and business applications across both Windows and Linux environments.
• Collaborate with engineering and product teams to integrate security into product design and development, applying your experience in securing large-scale software systems in a fast-moving environment.
• Contribute to the development and maintenance of a secure software development lifecycle (SDLC) with a focus on secure coding practices in languages like Python, C++, Rust, Go and Kotlin/Java.
• Conduct threat modeling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle.
• Provide mentorship, guidance, and training on security best practices and secure development processes to engineering teams working in mixed cloud and operating systems environments.
• Perform vendor security reviews to assess third-party security practices and ensure compliance with QRT’s standards.
• Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems.
• Proactively identify security risks and develop strategies for risk mitigation in a fast-paced high-stakes environment.

Your present skillset

• At least 7 years of experience in product security or similar roles with significant practical experience in securing software development at scale.
• Proven record of accomplishment in secure coding practices and development experience in development languages such as Python, C++, Rust, Go and Kotlin/Java.
• Strong technical background in software development, system architecture and security tools.
• Strong understanding of security principles, techniques and technologies related to software and product security, cloud platforms and business applications. Knowledge of low-latency financial systems would be an advantage.
• Experience working with and securing both Windows and Linux-based systems.
• Extensive experience with one or more cloud platforms such as AWS, Microsoft Azure and Alibaba Cloud used in a hybrid environment.
• In-depth knowledge of threat modeling, risk assessment and development of mitigation strategies for large-scale, complex systems in a fast-paced environment.
• Experience integrating security scanning tools into CI/CD pipelines and runtime environments.
• Experience conducting vendor security reviews and managing third-party security assessments.
• Excellent leadership, problem-solving, communication and adaptability skills, suited for a senior-level position in a fast-paced environment.

QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.