• 4+ years of experience in application security, infrastructure security, or a similar role
• Solid understanding of common application security vulnerabilities and attack vectors (e.g., OWASP Top 10)
• Experience with security assessment tools and techniques, such as penetration testing, vulnerability scanning, and code analysis
• Proficiency in programming/scripting languages (e.g. Python, Bash, Javascript) for automation and scripting purposes
• Strong knowledge of network and infrastructure security principles, including firewalls, VPNs, and secure network architecture
• Familiarity with cloud platforms (e.g. AWS, Azure, GCP) and associated security best practices
• Excellent analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions
• Strong communication skills with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders

Desirable

• At SigTech, you’ll join a team dedicated to pushing the boundaries of what’s possible in the trading world, using innovation to drive real results
• Conduct thorough security assessments of applications, systems, and infrastructure to identify vulnerabilities, weaknesses, and areas of improvement
• Develop and manage the vulnerability management process, including vulnerability identification, prioritisation, remediation, and verification
• Design, implement, and maintain robust security measures and controls to protect against potential threats, including firewalls, intrusion detection systems, and encryption protocols
• Collaborate with software development teams to integrate security best practices into the development lifecycle, including threat modelling, code reviews, security testing, and secure coding standards
• Monitor and analyse security events and incidents, responding promptly to mitigate risks and minimise potential impacts
• Collaborate with the infrastructure team to ensure that security controls are effectively implemented and maintained across all layers of the technology stack
• Stay updated on the latest security trends, threats, and technologies to proactively identify and address emerging risks
• Develop and maintain documentation related to security policies, procedures, and guidelines for internal and external stakeholders