Vulnerability Management Lead

Описание вакансии

Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology- and data-driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high-quality returns for our investors.

You will join the security function with responsibility for the firm’s vulnerability management capability across infrastructure, cloud, and technology platforms. You will partner with senior stakeholders across Engineering, Infrastructure/Operations, Cloud, and Security to drive a risk-based approach to vulnerability identification, prioritisation, and remediation.

Your Future Role within QRT

• Vulnerability Management Strategy & Ownership

+ Define, own, and continuously evolve the global vulnerability management strategy, operating model, and standards.

+ Establish vulnerability management as a core, risk-based discipline embedded across technology teams.

+ Set clear expectations for prioritisation, remediation timelines, risk acceptance, and reporting.

• Leadership, Reporting & Governance

+ Lead vulnerability management capability, with scope to build and manage a small team.

+ Produce clear, senior-level reporting on vulnerability risk posture, trends, and remediation effectiveness.

+ Provide data-driven insight to support technology and security leadership decision-making.

• Risk-Based Vulnerability Assessment

• Oversee vulnerability discovery, analysis, and prioritisation across on-premise, cloud, and hybrid environments.
• Assess vulnerabilities based on exploitability, exposure, and business impact, providing authoritative remediation guidance.
• Own the approach to vulnerability risk acceptance, exceptions, and compensating controls.

• Senior Stakeholder Engagement & Influence

+ Act as the primary senior point of contact for vulnerability risk across technology, cloud, engineering, and security stakeholders.

+ Influence and challenge teams and leaders to ensure remediation efforts align with agreed risk priorities.

+ Drive accountability and organisational change to improve vulnerability outcomes.

• Remediation Oversight & Assurance

+ Direct and coordinate remediation and patching activities across teams and time zones.

+ Ensure appropriate pre-deployment testing and post-deployment verification are in place.

+ Track remediation performance and escalate material risk where commitments are not met.

• Continuous Improvement & Incident Support

+ Drive improvements in tooling, automation, and processes to scale vulnerability management effectively.

+ Maintain awareness of emerging threats, vulnerability trends, and exploitation techniques.

+ Support security incidents by providing vulnerability intelligence, context, and prioritisation.

Your Present Skillset

• 5+ years’ experience in vulnerability management or a closely related cybersecurity role
• Demonstrated ownership of vulnerability risk and delivery of remediation outcomes in complex environments
• Strong technical understanding of vulnerability management tools, processes, and risk assessment methodologies
• Experience across on-premise, cloud, and hybrid environments
• Proven ability to influence senior stakeholders and drive organisational change
• Strong communication, prioritisation, and stakeholder management skills
• Experience building or leading security or technical teams (optional)
• Familiarity with security standards and frameworks such as ISO 27001 and NIST (optional)
• Relevant security certifications (e.g., CISSP, CISM) (optional)
• Experience operating in fast-paced, globally distributed environments (optional)

QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.