
Qube Research & Technologies · London
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a ...
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset
classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining
data, research, technology and trading expertise has shaped QRT’s collaborative mindset which enables us to solve the most complex
challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors.
Your future role within QRT
QRT is hiring a Senior Product Security Engineer to protect diverse tech systems across cloud, business apps, and core
infrastructure. In this role, you’ll drive automated security processes, influence architecture, and lead strategic security
projects. Working closely with IT, cloud, and engineering teams, you'll implement security solutions for low-latency systems and
multi-cloud platforms, including AWS, Azure, and Alibaba Cloud. You'll also secure hybrid infrastructures across Python, C++, and
Kotlin/Java environments, ensuring robust protection that supports QRT’s high-speed, data-driven operations.
including core trading infrastructure, cloud services, and business applications across both Windows and Linux environments.
experience in securing large-scale software systems in a fast-moving environment.
practices in languages like Python, C++, Rust, Go and Kotlin/Java.
embedded at every stage of the development lifecycle.
working in mixed cloud and operating systems environments.
security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems.
Your present skillset
development at scale.
C++, Rust, Go and Kotlin/Java.
platforms and business applications. Knowledge of low-latency financial systems would be an advantage.
environment.
systems in a fast-paced environment.
fast-paced environment.
QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and
respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to
enable employees achieve a healthy work-life balance.
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors. The Security Assurance team is responsible for identifying, assessing, and validating security risks across QRT’s technology environment. The team works closely with Security Engineers, Software Engineers, Infrastructure Engineers, Cloud Engineers, and Technology stakeholders to evaluate the effectiveness of security controls and strengthen the firm's overall security posture through adversarial testing and assurance activities. Your Future Role within QRT You will: * Conduct internal penetration testing across a wide range of systems, including trading infrastructure, cloud platforms, APIs, and business applications in both Windows and Linux environments. * Perform red team-style assessments and adversarial simulations to identify weaknesses in detection, response, and resilience capabilities. * Design and execute security assurance strategies to validate the effectiveness of security controls across applications, infrastructure, and cloud environments. * Coordinate external penetration testing engagements with third-party security vendors, including scoping, execution oversight, validation of findings, and remediation tracking across cloud, infrastructure, and application environments. * Identify, exploit, and clearly document vulnerabilities, providing actionable remediation guidance tailored to engineering teams. * Collaborate with product security and development teams to ensure vulnerabilities are properly remediated. * Support threat modelling exercises by providing an attacker’s perspective on system design and architecture. * Develop and maintain tooling, scripts, and frameworks to automate testing and improve coverage of security assessments. * Contribute to continuous security testing within CI/CD pipelines, including validation of SAST/DAST findings and runtime security controls. * Conduct security reviews of internal and third-party systems, validating real-world exploitability of identified risks. * Provide mentorship and training to engineers on common attack vectors, exploitation techniques, and secure design principles. * Stay current with emerging threats, vulnerabilities, and offensive security techniques relevant to financial systems and low-latency environments. Your present skillset: * 5+ years of experience in penetration testing, red teaming, or security assurance roles, with hands-on experience testing complex, large-scale systems. * Strong practical knowledge of offensive security techniques, including web application, API, network, and cloud exploitation. * Solid understanding of system internals, networking, and common vulnerability classes, including OWASP Top 10, logic flaws, authentication and authorisation issues, and race conditions. * Familiarity with both Windows and Linux environments from an attacker’s perspective. * Experience using standard penetration testing tools such as Burp Suite, Metasploit, Nmap, BloodHound, and similar offensive security tooling. * Ability to assess the real-world impact of vulnerabilities and prioritise risks in a high-stakes environment. * Ability to clearly document findings, explain exploitability, and provide practical remediation guidance to engineering and infrastructure teams. * Strong communication skills, with the ability to clearly articulate technical risks and remediation strategies to engineering stakeholders. * Ability to operate independently, manage multiple assessments, and provide senior-level technical judgement during security assurance activities. * Preferred: * Experience testing applications and services developed in languages such as Python, C++, Rust, Go, and Kotlin/Java. * Experience with cloud security testing across AWS or Azure, including IAM, network configuration, storage, managed services, and common cloud misconfigurations. * Experience developing custom penetration testing tools, automation, scripts, exploits, or fuzzers. * Experience integrating security testing into CI/CD pipelines or supporting continuous assurance practices. * Understanding of detection and response mechanisms, with the ability to evaluate or bypass them during controlled testing. * Experience conducting red team exercises, adversary simulations, or purple team engagements. * Experience with containerised environments, Kubernetes, infrastructure-as-code, or hybrid cloud infrastructure. * Knowledge of low-latency systems, financial trading environments, or high-performance distributed systems. * Relevant certifications such as OSCP, OSEP, OSCE, CRTO, CCT APP, CCT INF, or equivalent practical experience. QRT is an equal opportunity employer. We value diversity as essential to our success and are committed to creating an environment where employees can work openly, respectfully, and collaboratively. In addition to supporting professional achievement, QRT offers initiatives and programmes designed to help employees maintain a healthy work-life balance.
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology- and data-driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high-quality returns for our investors. You will join the Security team, working closely with Software Engineers and Infrastructure teams to embed security into the design, development, and operation of systems across cloud services, business applications, and core infrastructure. Your Future Role within QRT You will: * Support the implementation and operation of product security controls across cloud services, core infrastructure, and business applications on Windows and Linux platforms * Work with engineering teams to integrate security into system design and development, applying practical approaches suitable for fast-moving environments * Contribute to secure software development practices, including supporting security reviews across languages such as Python, C++, Rust, Go, and Kotlin/Java * Perform threat modelling, vulnerability assessments, and security code reviews with guidance from senior team members * Assist with integrating and operating security tooling (e.g., SAST, DAST, dependency scanning) within CI/CD pipelines and runtime environments * Identify security risks and contribute to remediation and mitigation plans with engineering teams * Perform vendor security reviews to assess third-party security practices against internal standards * Build your product security knowledge and share learnings with peers across engineering teams Your Present Skillset * 3–5 years of experience in product security, application security, software engineering, or a related role * Hands-on experience with secure coding practices and at least one of: Python, C++, Rust, Go, Kotlin/Java * Solid technical foundation in software development, system architecture, or infrastructure, with a strong interest in security * Working knowledge of security principles and common vulnerabilities affecting software, cloud platforms, and business applications * Experience securing Windows and/or Linux-based systems * Practical experience with at least one cloud platform (AWS or Microsoft Azure), ideally in hybrid environments * Familiarity with threat modelling, vulnerability management, and risk assessment concepts * Experience using or integrating security scanning tools into development workflows and/or CI/CD pipelines * Strong problem-solving skills, clear communication, and willingness to learn in a fast-paced environment * Exposure to low-latency or performance-sensitive systems * Experience in financial services and/or regulated environments * Interest in automation and security tooling development QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.
ABOUT US Risk Ledger is developing a network of connected organisations, all working together to defend against cybersecurity attacks in the supply chain. Organisations rely on us to establish trust, through sharing their security maturity and visualising the risks posed by their supply chain ecosystem. And we’re already trusted by customers like ASOS, British Airways, BAE Systems and the NHS. We are putting together an amazing and talented team from a diverse set of backgrounds and skillsets to drive us towards our vision. Risk Ledger is built on the respect we have for one another and our users, united by our shared values and mission. Every one of us is still learning: it’s how we grow as individuals. We’re curious. We’re ambitious. And we’re humble and honest. At Risk Ledger, we aim high to find the best solutions we can and always put our users first. THE TEAM: You’ll join a cross-functional department of Software Engineers, Product Managers and Designers, all collaborating together with the wider business to achieve impactful product outcomes. Everyone is involved from day one in shaping opportunities that provide outsized value to both clients and suppliers on Risk Ledger, keeping our users as top priority. We care deeply about building the right thing, in order to fundamentally shift mindsets in the cybersecurity industry. We ship quickly & continuously in order to learn and iterate - whilst always pushing for the highest possible quality bar and keeping security and automation front and centre. The core of our stack is GoLang, AWS, and Vue.js, with modern design philosophies and a cloud-native approach. THIS ROLE Our Product Engineers play a crucial role in our user and product experience. You will be focused on solving innovative end-to-end product challenges in the best manner for our customers. Whilst you may have a natural inclination towards the backend or frontend, we expect you to have a good breadth of knowledge across the stack. You’ll delve into all aspects of our tech stack and product portfolio, having meaningful impact on our customers, and the overall success of the business. As a Senior engineer, you’ll be embedded in a squad, trusted to autonomously lead and own impact in your area with little oversight. You should expect to work across the full stack, taking ownership of mid-to-large initiatives and driving them through to completion. You’ll set a high standard in your squad through the quality of your work and your ability to coach and support those around you. You’ll be collaborating on a daily basis with designers, product managers, other engineers and the wider business to create a great product experience and continuously ship value to our users. You’ll be expected to set a strong example within your squad, championing best practices and helping to level up the engineers around you. You will also contribute to shaping our engineering strategy and practices. IN THE ROLE YOU WILL; * Collaborate to deliver an exceptional product. From understanding initial needs to crafting outstanding solutions, you’ll work directly with product managers and designers to bring ideas to life. And by that, we don’t just mean implement requirements, we expect our engineers to understand our market and customers in order to be able to influence product strategy and challenge assumptions. * Develop high quality systems and code. Working across our stack, you’ll design and develop the systems that underpin the Risk Ledger product and advance us towards our vision. You’ll lead system design efforts, consistently producing high-quality, well-documented and thoroughly tested code that sets the standard for your squad. * Move fast, with an eye for quality. You enjoy moving fast while maintaining an extremely high quality bar through testing, automation, discipline, consistency and best practice, whilst treading a careful line in pragmatism and cost-benefit analysis. * Enjoy being a generalist. We are building an amazing and talented team from a diverse set of backgrounds and skillsets. Our engineers are empowered to work in all areas of our platform, and across all areas of the business, directly contributing to the wider success of the company. * Support the growth of those around you. You will mentor and coach junior and mid-level colleagues, helping them level up their hands-on technical skills, system design thinking and problem-solving approach. * Have an impact. We’re a growing startup - so you’ll have the opportunity to get involved in areas outside of your day to day role. YOU’LL HAVE; * Worked in multiple engineering teams focused on building a customer focused SaaS product; weighing up delivering value to clients against technical excellence. * Deep experience with either backend or frontend development. * Backend language preferably Go; Or something like Java, C# or Python * Frontend: Typescript preferably with VueJS or React * In either case, reasonable additional experience with: * SQL and ‘NoSQL’ Data stores, with deep knowledge of data model design * Containers and Orchestration: Docker / Kubernetes * Cloud providers and cloud native services, preferably AWS * Event driven systems, and messaging services such as SQS/SNS, Kafka or RabbitMQ * Experience leading system design for non-trivial features or projects, evaluating trade-offs and ensuring alignment with team and business goals. * A desire to deeply understand our customers and the problems they face, in order to improve their day-to-day experience. * An ability to thrive in ambiguity, tackling problems that might not be well defined and without obvious solutions, and comfortable operating autonomously. * A keen sense of curiosity, with a natural drive to learn and grow. * A passion to work collaboratively with others. We like to work as a team, not a collection of individuals and we expect you to have the same mindset. Passion for pairing, mobbing and other XP principles are a strong plus. YOU MIGHT HAVE; * Experience mentoring or coaching other engineers, helping them grow their technical skills and confidence. * A startup/scale-up background. We’re not concerned if you have not worked in this environment, as long as you are willing to get stuck into the ambiguity of an early stage company. * Experience of data processing, machine learning, AI or integrating large datasets into a product. * Worked with observability solutions (Kibana, Grafana, Sentry). The perks: * 💰Competitive base salary * 📈Generous EMI equity package * 👌Private pension * ✈️28 days annual leave + bank holidays * 🏖Additional 30 days of unpaid leave per year to use as you wish * 🎆Ad-hoc companywide time off over the festive period * 🏥Private healthcare with AXA Insurance - including enhanced mental wellbeing coverage * 🏠Hybrid working policy, typically 2-3 days in the office * 👶Enhanced family (parental) leave - gender-neutral policy, 12 weeks paid leave * 👪5 days Caretaker's leave * 😷Enhanced occupational sick pay * 💻£500 WFH budget * 📚All the learning resources and books you want to aid in your personal development * 🎉 Regular socials to unwind and have some fun Salary range £90,000—£120,000 GBP