Senior Detection & Response Engineer

Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors.

Your future role within QRT

This role will be tasked with improving and optimizing our capability to effectively monitor, detect, respond, and remediate security incidents. We are building a global security team, implementing highly automated security operations processes and systems in order to meet dynamic company growth. You will have an opportunity to design and build systems from scratch, interact with various technologies, influence architecture, decide on specific technologies or tools, and work on cutting-edge projects.

What you will do:

• Monitor and analyse security events and alerts from various sources to detect threats
• Coordinate incident response activities including investigation, containment, remediation, recovery and lessons learnt
• Deploy, tune, administer and implement security detection and response solutions, tools, configuration and related processes
• Collaborate with cross-functional teams to improve detection capabilities, including deploying a new tool, log ingestion and enrichment, developing detection use cases and playbooks or designing automated response mechanisms
• Capable of proactively performing threat intelligence driven hunting
• Liaise with external vendors / MSSP / third-party stakeholders as required

Requirements

• 5+ years' experience in information security fields, 3+ years' experience in detection and response.
• Demonstrable experience in creating customized security detection use cases
• Demonstrable experience in digital forensics analysis and incident response
• Demonstrable experience with SIEM, EDR/XDR, firewall/IDS/IPS tools and automation of mundane tasks
• Understanding of different adversary tactics, techniques and procedures
• Technical understanding and knowledge of network and operating system fundamentals
• Experience working in hybrid environments (public cloud/on-prem) utilising various operating systems
• Programming/scripting language skills (such as Python, Bash, PowerShell) would be advantageous
• Excellent verbal and written communication skills
• Strong analytical and problem-solving skills
• Proactive, highly motivated and independent