Product Security Engineer

Location: Manhattan (Midtown) | 100% Onsite

Overview: Glocomms is partnered with a premier quantitative hedge fund dedicated to leveraging advanced mathematical models and cutting-edge technology to achieve superior investment performance.

The new Product Security Engineer role is critical in ensuring the security and integrity of the firm's trading platforms and products. The ideal candidate will have strong knowledge of Secure Software Development Life Cycle (SSDLC) practices and excellent programming skills. This position will work closely with development teams to integrate security throughout the development process, proactively identifying and mitigating potential security risks.

Key Responsibilities:

• Collaborate with development teams to integrate security best practices into the SDLC.
• Conduct threat modeling, security reviews, and code audits to identify and address security vulnerabilities.
• Develop and implement security requirements, guidelines, and standards for our products and systems.
• Perform static and dynamic analysis of code to identify and remediate security issues.
• Design and implement security features and controls to protect sensitive data and systems.
• Monitor and respond to security incidents and alerts, conducting root cause analysis and implementing corrective actions.
• Provide technical guidance and training to development teams on secure coding practices and security tools.
• Stay current with emerging security threats, vulnerabilities, and industry best practices.

Qualifications:

• Bachelor's or Master's degree in Computer Science or a related technical field.
• 4-7 years of experience in product security or a related role.
• Proficient in one or more programming languages (e.g., Python, Java, C++, Go).
• Experience with security tools and technologies (e.g., static analysis tools, dynamic analysis tools, penetration testing tools).
• Strong understanding of common security vulnerabilities and attack vectors (e.g., OWASP Top Ten).
• Experience with cloud security (e.g., AWS, Azure, GCP) and container security (e.g., Docker, Kubernetes).
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration skills, with the ability to work effectively in a fast-paced environment.

Preferred Qualifications:

• Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus.
• Experience in the financial services or trading industry is preferred.
• Knowledge of cryptographic principles and practices.

Benefits:

• Competitive salary and performance-based bonuses
• Comprehensive health, dental, and vision insurance
• Retirement savings plan with company match
• Professional development opportunities
• Collaborative and innovative work environment

This is an opportunity to join a team of world-class professionals who continuously push the boundaries of quantitative finance, making this coveted Manhattan office space a dynamic and exciting place to work.

This role is located in the firm's Midtown Manhattan office, close to Grand Central Station for easy commuting within the New York Metropolitan Area. Candidates must be willing to work on-site 5 days per week.

Full-Time, Direct Hire only (no C2C/C2H). Resumes must include first and last name and contact information to be considered.