Role: Security Engineer
Location: London (minimum expectation of one day a week in the office).
Recently listed as a "RegTech Top Performer" in Market Fintech's RegTech Supplier Performance Report, CUBE is pioneering the development of machine automated compliance.
We are a global RegTech business defining and implementing the gold standard of regulatory intelligence and change for the financial services industry. We deliver our services through a SaaS platform, powered by an innovative combination of AI and proprietary data ontology, to simplify the complex and everchanging world of compliance for our clients.
At CUBE, we are creating the future and are a company rooted in strong values, team spirit, and commitment to our customers and wider communities. We serve some of the largest financial institutions globally and are expanding our footprint very fast. As we do so, we are keen for new talent to join us and realize their full potential to grow into leadership positions within the business.
Role mission:
As a pivotal member of our Information Security team, you will report directly to the Head of Information Security. Your primary objective is to ensure the security and integrity of our cloud and on-premise systems. You will be deeply involved in the design, implementation, and maintenance of security controls, and your expertise will be crucial in optimizing and maintaining security for CUBE Global.
Bringing at least 5 years of relevant security experience, you can expect to provide advanced security consultancy to the wider technology department and the company with a laser focus on reliability, security, and data integrity.
Responsibilities:
* Assist in the design, implementation, and maintenance of security controls with a focus on Azure cloud and on-premise systems.
* Optimize and maintain CUBE’s Office 365 security features and environment health.
* Manage the vulnerability management lifecycle, including scanning, analysis, and remediation strategies.
* Conduct risk assessments on CUBE’s architecture and infrastructure for security compliance and improvement opportunities.
* Manage and monitor our endpoint security platforms (e.g., SentinelOne and Defender or similar) to ensure effective deployment, configuration, and threat remediation across the organization.
* Collaborate with DevOps teams to integrate security measures within CI/CD processes.
* Implement and optimize advanced security technologies for threat detection, prevention, and response.
* Devise and implement IAM policies, enforcing least privilege principles, and maintain role-based access controls.
* Provide an advanced level of security consultancy to the wider Technology department with regard to engineering security solutions.
* Contribute to security awareness initiatives to drive a security-first culture.
What we’re looking for:
* 5+ years of experience as a Security Engineer or similar role.
* Advanced knowledge of Azure Cloud, Azure AD, O365, Intune, and Defender security administration.
* Working knowledge of both Linux and Windows systems.
* Demonstrable knowledge of VMWare of public cloud provider security best practices (Azure, GCP, AWS).
* Experience of DevSecOps and integrating security into CI/CD pipelines.
* Experience with SAST/DAST tools and processes for application development security.
* Deep understanding of application security, secure coding practices, OWASP Top 10, and API security standards.
* Proven experience in writing and maintaining scripts in both Unix shell and Powershell for automation and systems management.
* Proficiency in one or more programming languages for secure code review.
* Strong understanding of security frameworks, tools, and technologies (e.g., CIS controls and SIEM, IDS/IPS, firewalls).
* Strong analytical skills for risk assessment and security solution recommendations.
* Excellent communication skills for articulating technical details to both technical and non-technical teams.
* Experience delivering complex security projects.
#J-18808-Ljbffr