Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology- and data-driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high-quality returns for our investors.
You will join the security function responsible for running the vulnerability management programme across infrastructure and cloud environments. You will work closely with Engineering and Infrastructure/Operations teams to identify, validate, prioritise, and track remediation of vulnerabilities in line with defined risk standards.
Your Future Role within QRT
- Vulnerability Discovery & Analysis
- Operate and maintain vulnerability scanning tools across on-premise, cloud, and hybrid environments.
- Analyse and validate vulnerability findings, reducing false positives and ensuring accurate risk assessment.
- Enrich findings with context such as exploitability, exposure, asset criticality, and compensating controls.
- Technical Validation & Verification
- Perform manual validation of vulnerabilities where required, including configuration review and targeted testing.
- Support pre-deployment testing and post-remediation verification to confirm vulnerabilities have been effectively addressed.
- Validate patching outcomes and configuration changes using appropriate tools and techniques.
- Remediation Support
- Work closely with infrastructure, cloud, and engineering teams to support remediation efforts.
- Provide clear technical guidance on vulnerability remediation, configuration changes, and patching approaches.
- Assist in the development of remediation playbooks and standard operating procedures.
- Tooling & Automation
- Support the implementation and ongoing improvement of vulnerability management tooling.
- Develop scripts, queries, and automation to improve coverage, accuracy, and efficiency.
- Integrate vulnerability data with other security and operational systems where appropriate.
- Reporting & Metrics
- Produce accurate vulnerability data, metrics, and dashboards to support reporting and tracking.
- Ensure vulnerability records are kept up to date and remediation status is accurately reflected.
- Continuous Improvement & Threat Awareness
- Stay current on emerging vulnerabilities, attack techniques, and exploitation trends.
- Contribute to process improvements and technical enhancements within the vulnerability management function.
- Incident & Security Support
- Support security incidents by identifying relevant vulnerabilities and providing technical context.
- Assist in rapid assessment and validation of vulnerabilities under active exploitation.
Your Present Skillset
- 3–6 years’ experience in vulnerability management, infrastructure security, or a related technical security role
- Hands-on experience with vulnerability scanning and assessment tools
- Strong understanding of operating systems, networking, and common infrastructure technologies
- Experience working in cloud environments (AWS and/or Azure)
- Ability to assess real-world risk beyond CVSS (exploitability, exposure, environment context)
- Scripting/automation capability (e.g., Python, PowerShell, or similar)
- Experience collaborating with engineering and operations teams to drive remediation
- Familiarity with patch management and configuration management practices
- Exposure to security standards or frameworks (e.g., NIST, ISO 27001)
- Experience in large-scale or enterprise environments
- Relevant technical certifications (optional)
QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.