Security Engineer


Apply now     

About AQR Capital Management

AQR is a global investment management firm built at the intersection of financial theory and practical application. We strive to deliver superior, long-term results for our clients by seeking to filter out market noise to identify and isolate what matters most, and by developing ideas that stand up to rigorous testing. Underpinning this philosophy is an unrelenting commitment to excellence in technology — powering our insights and analysis. This unique combination has made us leaders in alternative and traditional strategies since 1998.

AQR takes a systematic, research-driven approach, applying quantitative tools to process fundamental information and manage risk. Our clients include institutional investors, such as pension funds, insurance companies, endowments, foundations and sovereign wealth funds, as well as financial advisors.

Job description:

Your Role

AQR is seeking a Security Engineer who will build, test, operate, troubleshoot, and maintain the information security technologies for both AWS cloud and on-premises environments. This information security infrastructure provides first-line controls in a defense-in-depth approach to advanced security technologies, processes, and procedures to protect the firm’s business practices and assets.

The Security Engineer will have fundamental experience working with application security frameworks and infrastructure components.  Highly technical hands-on security engineer with ability to troubleshoot a diverse range of security technologies and platforms.
We are looking for a Security Engineer who is passionate about:

  • Partnering with application developers on secure software development for on-premises and cloud native applications
  • Implementing application security solutions that leverage AWS services
  • Advising and implementing on-premises and AWS cloud security best practices
  • Serving internal clients on security challenges/solutions
  • Implementing, testing, and maintaining security technologies across the stack (e.g., network, application, data)

Basic Qualifications:

  • Experience (5+ years) in engineering highly technical security infrastructure environments, preferably in Financial Services or related verticals with regulatory requirements
  • Experience (3+ years) in implementing security engineering projects on-premises and in Amazon Web Services (AWS) with an emphasis on application security and infrastructure components
  • BS level technical degree or equivalent experience; Computer Science or Engineering background preferred
  • Team player and detail oriented, open and collaborative work ethic with a well-developed sense of ownership and responsibility, flexible, and adaptable
  • Strong verbal and written communication skills, analytical thinking and problem solving skills
  • Tenacious perseverance in troubleshooting/investigating problems and processes and firm believer in established methodologies and best practices

Preferred Qualifications:

  • Experience with application security and secure software development lifecycle (S-SDLC)
  • Experience with application security assessment tools, e.g., JFROG X-Ray, Fortify, Veracode, etc.
  • Experience with hands on programming and scripting skills
  • Perform cyber security risk assessments for proprietary applications and of third party vendors
  • Proven extensive engineering documentation skills using productivity tools (O365, Visio)
  • Support the operational changes for security systems and adhere to change control process
  • Contribute to long term security design strategy and roadmap, core security architecture, establishment of engineering standards and best practice playbooks
  • Proficient understanding of a range of security technologies, including but not limited to intrusion detection and prevention systems (IDS/IPS), proxies, endpoint security, vulnerability management, identity management and authentication/authorization services, SIEM and logging architecture
  • Earned Cloud Architecture and/or Cloud Security Certifications (AWS, Azure)
  • Earned the Offensive Security Certified Professional (OSCP) certification
Apply now     


Life at AQR

Benefits

AQR offers generous benefits: 100% paid Medical, Dental and Vision coverage. Perks include health and wellness allowances, meditation programs, onsite breakfasts and lunches and stocked kitchens with seasonal treats.

Employee Connectivity

Employees participate in a range of connectivity and community building events & experiences the firm offers: Book Clubs, Research Colloquiums, baseball outings, Star Wars premiere, our Food Truck Social and volunteer opportunities.

Learning & Development

QUANTA, the firm's learning and development program, offers both professional and personal growth opportunities through 350+ classes per year.