Security Assessment Specialist

G-Research is Europe’s leading quantitative finance research firm. We hire the brightest minds in the world to tackle some of the biggest questions in finance. We pair this expertise with machine learning, big data, and some of the most advanced technology available to predict movements in financial markets.

The role

We are looking for a Security Assessment Specialist to join a growing team responsible for conducting penetration tests and vulnerability assessments against our internal systems and security controls at G-Research. You will be working directly with the business to demonstrate how repeated assessment/testing and remediation work can help improve our overall security posture.

Reporting to the Security Assessment Manager, this role will be responsible for:

• Conducting technical penetration tests against a broad range of technologies such as Kubernetes, Jenkins and Windows Domain Services

• Supporting Control Owners by providing meaningful recommendations to mitigate and protect against discovered vulnerabilities

• Supporting Business and Application Owners in determining the effectiveness and assurance of security within their functional area(s)

• Supporting Risk, Compliance and Detection Engineering teams by providing technical know-how, consulting and assessment of controls, detection capabilities, system and policy configuration

• Maintaining and improving operational tooling/integrations used within the team

• Providing support and mentoring for less experienced members of the team

Who are we looking for?

The ideal candidate will have:

• Strong background of the full penetration testing workflow, from scoping, prep, testing, reporting and debrief with technical stakeholders

• Understanding of vulnerability assessment processes including remediation and mitigation advice for infrastructure and application security

• Extensive security experience within a technical role covering a variety of technologies, applications, with devops technology experience preferred

• Experience of validating the effectiveness of a security control through manual and automated means

• Experience engineering solutions to automate and assist in team deliverables

• A strong engineering / development background and have familiarity with DevSecOps style deployments and be comfortable with Python, Jenkins and Ansible..

• Security certification e.g. CRT, OSCP, OSEP (OSCP minimum)

• Good interpersonal and communication skills with a strong focus on written output

Why should you apply?

• Highly competitive compensation plus annual discretionary bonus

• Informal dress code and excellent work/life balance

• Comprehensive healthcare and life assurance

• 30 days holiday

• 9% contributory pension scheme

• Cycle-to-work scheme

• Subsidised gym membership

• Monthly company events

• Central London office close to 5 stations and 6 tube lines

G-Research is committed to cultivating and preserving an inclusive work environment. We are an ideas-driven business and we place great value on diversity of experience and opinions.

We want to ensure that applicants receive a recruitment experience that enables them to perform at their best. If you have a disability or special need that requires accommodation please let us know in the relevant section