
Winton · London
ABOUT WINTON Winton is a research-based investment management company with a specialist focus on statistical and mathematical inference in financial markets. T...
Winton is a research-based investment management company with a specialist focus on statistical and mathematical inference in
financial markets. The firm researches and trades quantitative investment strategies, which are implemented systematically via
thousands of securities, spanning the world's major liquid asset classes. Founded in 1997 by David Harding, Winton today manages
assets for some of the world’s largest institutional investors.
We employ ambitious professionals who want to work collaboratively at the leading edge of investment management.
Thanks for your interest in Winton!
If you can't find an opportunity that matches your skillset, please register your interest below for future updates on suitable
roles.
In the meantime, please check out our latest news and LinkedIn page to stay up to date with that is happening at Winton.
We look forward to reviewing your details.
We are proud to be an equal opportunity workplace. We do not discriminate based upon race, religion, color, national origin, sex,
sexual orientation, gender identity/expression, age, status as a protected veteran, status as an individual with a disability, or
any other applicable legally protected characteristics.
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors. As a Cyber Risk Specialist, you’ll provide strategic guidance across risk and governance remits within the security team. You’ll collaborate with different teams and stakeholders across the business to ensure our security governance is robust, scalable, and deployable. This position has high visibility across the business and exposure to all parts of the trading lifecycle. Your future role at QRT * Cyber Risk Management * Maintain and enhance the Information Security risk register as a live, decision-useful tool. * Work with stakeholders to assess, track, and manage risks across systems, processes, and third parties. * Develop clear, data-led risk narratives for leadership. * Track remediation actions and support risk-based prioritisation. * Governance and Policy * Maintain and improve security policies, standards, and supporting documentation. * Align internal requirements with relevant frameworks, regulations, and business needs. * Ensure documentation is clear, current, and accessible to technical and business stakeholders. * Support practical and scalable security governance. * Audit and Assurance * Coordinate external reviews, client assurance requests, regulatory enquiries, and internal audits. * Gather and validate evidence from technical and business teams. * Maintain assurance materials and evidence repositories. * Track findings and remediation actions through to closure. * Compliance and Control Effectiveness * Support control assurance and testing activities. * Monitor adherence to internal policies, contractual commitments, and external obligations. * Help map controls to relevant frameworks such as ISO 27001, NIST, SOC 2, and DORA. * Identify control gaps and support pragmatic remediation. * Training and Awareness * Contribute to targeted security awareness activities, particularly for technical teams. * Tailor security messaging for different audiences. * Track completion, engagement, and impact of awareness activities. * Reporting and Insight * Develop concise dashboards and reports for leadership. * Highlight trends, control health, emerging risks, and areas requiring attention. * Use data to support findings, prioritisation, and decision-making. Your present skillset * 5+ years’ experience in information security, cyber risk, GRC, audit, assurance, or a related discipline. * Strong understanding of security frameworks and regulations such as ISO 27001, NIST, SOC 2, DORA, or similar. * Experience coordinating audits, assurance activity, regulatory reviews, or control assessments. * Strong written and verbal communication skills. * Experience working with cross-functional teams, including technology, legal, compliance, and business stakeholders. * Strong organisational skills and the ability to manage multiple workstreams. * Familiarity with GRC platforms such as Drata, Vanta, ServiceNow GRC, Archer, or similar. * Strong data literacy, including experience using dashboards, metrics, or raw data to support findings. * Confidence driving small projects or workstreams independently. * Desirable: * Experience in financial services, quantitative trading, investment management, or another highly technical environment. * Familiarity with cloud platforms, infrastructure, software development, or third-party technology risk. * Experience improving risk reporting, control testing, assurance workflows, or evidence management processes. * Understanding of operational resilience, third-party risk, or regulatory technology expectations. QRT is an equal opportunity employer. We value diversity as essential to our success and are committed to creating an environment where employees can work openly, respectfully, and collaboratively. In addition to supporting professional achievement, QRT offers initiatives and programmes designed to help employees maintain a healthy work-life balance.
WPP is the trusted growth partner for the world’s leading brands. We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth. We work with the world's most valuable brands and have global reach across 100+ markets, with deep local expertise. Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. For more information, visit WPP.com. Why we're hiring: WPP Enterprise Technology provides technology services for WPP, the world’s leading creative transformation company. Within Enterprise Technology, Cyber, Risk & Compliance (CRC) plays a key role in strengthening operational resilience, governance, risk management and control effectiveness across a global technology estate. This is an exciting time to join CRC as we continue to modernise our operating model, increase automation, embrace AI-enabled ways of working and build new capabilities that help WPP move faster, more securely and with greater confidence. The Technology Risk Analyst will support the day-to-day operation of WPP's Enterprise Technology Risk capability. Reporting to the Technology Risk Lead, the role will assist with maintaining risk and issue information, supporting risk reporting, coordinating stakeholder updates and helping ensure technology risk activity is well organised, accurate and easy to act on. The role will also support the maintenance of technology governing artefacts, including policies, frameworks, standards and procedures, by helping track ownership, review cycles, updates and publication readiness. This role is ideal for someone with a grounding in risk and governance, strong organisation skills and curiosity about technology, automation and AI-enabled ways of working. What you'll be doing: * Support the maintenance of Enterprise Technology risk registers, issue logs, action trackers and supporting documentation. * Assist with gathering risk updates from technology, security, assurance, resilience and operational teams. * Help prepare risk reporting, dashboards, meeting materials and concise status updates for the Technology Risk Lead and wider Risk & Strategy team. * Support basic risk and issue analysis, including identifying overdue actions, missing information, ownership gaps and recurring themes. * Maintain organised records of technology governing artefacts such as policies, frameworks, standards and procedures, including review dates, owners, status and publication readiness. * Coordinate follow-up with artefact owners and subject matter experts to help keep governance materials current, accessible and aligned to agreed processes. * Support documentation quality checks, version control and repository housekeeping for risk and governance materials. * Assist with evidence gathering for assurance, audit or governance activities where required. * Use M365, workflow tools, reporting templates and AI-enabled productivity tools to reduce manual effort and improve consistency. * Contribute to a collaborative, practical and continuous improvement culture within the new Risk & Strategy team. What you'll need: * A grounding in risk, governance, compliance, audit, cyber security or a related area; extensive experience is not required. * Strong organisational skills, attention to detail and ability to follow through on actions and deadlines. * Ability to work with structured information such as registers, trackers, documentation inventories and reporting packs. * Good written and verbal communication skills, with the ability to summarise information clearly and professionally. * Comfortable working with a range of stakeholders and asking clear questions to clarify ownership, status or next steps. * Curiosity about automation, reporting improvement and responsible use of AI to simplify routine risk and governance activity. * A proactive, collaborative and learning-oriented mindset. Who you are: You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working. You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected. You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day. What we'll give you: Passionate, inspired people – We aim to create a culture in which people can do extraordinary work. Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry. Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge? #LI-Hybrid We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process. WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers. PLEASE READ OUR PRIVACY NOTICE (HTTPS://WWW.WPP.COM/EN/CAREERS/WPP-PRIVACY-POLICY-FOR-RECRUITMENT) FOR MORE INFORMATION ON HOW WE PROCESS THE INFORMATION YOU PROVIDE.
About Instil At Instil, we help technology brands transform, innovate and disrupt their markets with secure, category-defining software. Our services include product development, delivering next-generation digital solutions; cyber security, helping teams protect against emerging cyber threats; and artificial intelligence, unlocking the potential of your data and people. Our work is impactful and varied, often at the leading edge of technology. Our clients choose Instil because we are seen as a cut above. Why Register Your Interest? If you don’t see a role that matches your skills right now, we’d still love to hear from you. By registering your interest, you’ll be the first to know when new opportunities arise that align with your background and aspirations. Who Should Apply? We welcome expressions of interest from professionals across disciplines, including: * Software Engineering (Java, C++, .NET, Python, React, Angular, TypeScript etc.) * Cyber Security & Penetration Testing * Data & AI Engineering * DevOps & Cloud Infrastructure * Delivery & Project Management * Product & UX Design What Happens Next? Once you submit your details, our Talent Acquisition team will review your profile and reach out when a suitable opportunity becomes available.