Location : Dallas, TX
G-Research offers remote working within the State of Texas, bringing people together in the office for a number of days every month.
G-Research is Europe’s leading quantitative finance research firm. We hire the brightest minds in the world to tackle some of the biggest questions in finance. We pair this expertise with machine learning, big data, and some of the most advanced technology available to predict movements in financial markets.
This role is based in G-Research’s new office in Dallas. Opened in 2022, the Dallas office is a key infrastructure hub where we work on the latest cloud technologies in a cutting-edge environment.
Software Engineering is core to our business, and ensuring that engineers in G-Research have everything they need to meet these commitments is the responsibility of our DevSecOps Tooling team.
The DevSecOps Tooling team has the tools available to make smart security decisions as far left in the development lifecycle as possible – while writing code, during compilation, and during deployment.
Our engineers solve some of the world’s most complex financial problems and we don’t want privilege escalations, buffer overflows or bad API inputs to compromise the integrity or security of our systems or data. To ensure productivity across our delivery teams is unaffected, our security tooling must be seamlessly integrated with our engineers’ existing processes.
We also believe that our security controls should be tested regularly via automation, to provide continuous assurance to our compliance teams about the security and risk level of our software.
This role offers exceptional opportunities for skills and career development. Key responsibilities of the role include:
- Trialling, adopting, developing and running security tooling such as:
- Fuzz testing frameworks
- Security risk metric and analysis
- Dynamic and Static Application Security Testing (DAST and SAST) tools
- Creating security capabilities that support other engineering teams, such as:
- Integrity validation tooling for deployment pipelines
- Configuration analysis tooling
- Defining demonstrating and driving the adoption of an efficient and effective secure software development lifecycle, for example:
- Security-focused unit testing
- Security-focused automated integration testing
- Policies for open source and third party software usage
- Building a security testing framework to allow aggregation of automated security testing results from across G-Research
- Working with our infrastructure teams to integrate security testing into the environments and platforms that we build
Who are we looking for?
The successful candidate will be a highly competent and confident individual with extensive experience in software development or infrastructure automation. You will have an interest in computer security and while you may not have prior experience with it, you will be willing to cross-train to develop your security expertise.
The ideal candidate will:
- Have the ability to understand complex software architectures, computer science fundamentals and data structures
- Enjoy collaboration, particularly with software engineer colleagues in order to solve technical problems and drive continuous improvement
- Be passionate about seeking out and learning new technologies and processes to improve the software development lifecycle
- Possess excellent programming or Infrastructure-as-Code skills –you may know C# or Java, or are willing to cross train from a similar language. Maybe you’re a Python guru, or maybe you know Ansible, Terraform and Jenkins scripting inside out
- Have good communication skills, the successful candidate will act as a conduit between the information security team and the other software teams within the business
- Have a strong academic background, comprised of good A-level (or equivalent) results and a 2.1 or better from a top university in a relevant subject area
Desirable knowledge and skills:
- Experience with security tooling, ideally Open Source, in areas such as fuzz testing, DAST, SAST
- Experience with modern development practices in a team setting:
- Agile, Continuous Delivery, TDD, BDD.
- Cloud and container platform experience such as OpenStack, Kubernetes, Azure or AWS
Why should you apply?
- Market-leading compensation plus annual discretionary bonus
- Informal dress code and excellent work/life balance
- Paid time off, including sick days, military leave, and family and medical leave
- Summer working hours, equivalent of 4 additional days of paid leave
- Generous 401(k) plan
- 12-weeks’ fully paid parental leave
- Medical and Prescription, Dental, and Vision insurance
- Life and Accidental Death & Dismemberment (AD&D) insurance
- Employee Assistance and Wellness programs
G-Research is committed to cultivating and preserving an inclusive work environment. We are an ideas-driven business and we place great value on diversity of experience and opinions.
We want to ensure that applicants receive a recruitment experience that enables them to perform at their best. If you have a disability or special need that requires accommodation please let us know in the relevant section.Apply