Senior Product Security Engineer- Systematic Quant Fund

Responsibilities

Support the implementation of security controls and processes for product security, focusing on a broad range of systems, including core trading infrastructure, cloud services, and business applications across both Windows and Linux environments. Collaborate with engineering and product teams to integrate security into product design and development, applying your experience in securing large-scale software systems in a fast-moving environment. Contribute to the development and maintenance of a secure software development lifecycle (SDLC) with a focus on secure coding practices in languages like Python, C++, Rust, Go and Kotlin/Java. Conduct threat modeling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle. Provide mentorship, guidance, and training on security best practices and secure development processes to engineering teams working in mixed cloud and operating systems environments. Perform vendor security reviews to assess third-party security practices and ensurepliance standards. Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems. Proactively identify security risks and develop strategies for risk mitigation in a fast-paced high-stakes environment.
Requirements
At least 7 years of experience in product security (or similar) roles with significant practical experience in securing software development at scale. Proven record of aplishment in secure coding practices and development experience in development languages such as Python, C++, Rust, Go and Kotlin/Java. Strong technical background in software development, system architecture and security tools. Strong understanding of security principles, techniques and technologies related to software and product security, cloud platforms and business applications. Knowledge of low-latency financial systems would be an advantage. Experience working with and securing both Windows- and Linux-based systems. Extensive experience with one or more cloud platforms - such as AWS, Microsoft Azure and Alibaba Cloud - used in a hybrid environment. In-depth knowledge of threat modeling, risk assessment and development of mitigation strategies for large-scale,plex systems in a fast-paced environment. Experience integrating security scanning tools into CI/CD pipelines and runtime environments. Experience conducting vendor security reviews and managing third-party security assessments. Excellent leadership, problem-solving,munication and adaptability skills, suited for a senior-level position in a fast-paced environment.

Whilst we carefully review all applications, to all jobs, due to the high volume of applications we receive it is not possible to respond to those who have not been successful.

Contact
If this sounds like you, or you'd like more information, please get in touch:

George Hutchinson-Binks

(+44)
linkedin/in/george-hutchinson-binks-a62a69252

Job ID w0MM93KX4M9E