Security Software Developer

Software Development London, United Kingdom


Description

 

 

Job Specification – Security Software Developer

The Company

G-Research is a well-established and rapidly growing firm with a leading platform for developing quantitative research and systematic investment ideas. We have created a community designed to inspire the best minds in the world to tackle the toughest intellectual challenges and deliver the best work of their careers. Our platforms and technologies are constantly evolving to meet the real-world scenarios we throw at them and we are seeking world-class software engineers to join us.

Traditionally a .NET and Microsoft house, as a successful and well-funded business G-Research are broadening the scope of the platforms and development tools we use.  We aim to use the best tools available for the job and are actively extending the use of open source and Linux-based technologies in the areas that they can make a real difference.  Developers with experience in these technologies can make a big impact - we are happy to hire people with a diverse range of skills, there's no specific requirement for experience with .NET. Technologically the sky is the limit and we are looking for the brightest and best developers in the world to take our capability to the next level.  This is an exciting time to join G-Research.

The Role

Security of in-house software development is central to the business’ goals. Software at G-Research is developed primarily in C#. Reporting into the Secure Architecture Team Manager, the key responsibilities of the role are:

  • Developing security software, libraries and controls:
    • shared security components for use by our developers
    • high assurance software (e.g. for cryptographic key management)
    • bespoke security tools/controls for use by the InfoSec division
  • Contributing to architecture and team outreach regarding secure development lifecycle
  • Maturing software engineering & quality practices within Information Security
  • Working closely with other developer teams to ensure security best practice

Forthcoming challenges for the team include developing (or integrating) solutions for code integrity, endpoint authentication, application armouring, data tagging & flow control, and sandboxing.

The Individual

The candidate must be a strong, competent, and practical software developer with experience developing to meet security requirements.  They should be enthusiastic and have a genuine interest in attack and defence technique for application security. A subset of the following skills is required:

  • Proven ability to develop high quality software in an object-oriented language.
  • Commercial or personal experience in security & cryptography topics that demonstrates security skills. For example: authentication, cryptocurrency, transaction systems integrity, reverse-engineering resistance / obfuscation, securing distributed systems, open source development security.
  • Appreciation of good software architecture and knowledge of platform internals: compilers, language VMs, operating systems, assembly code.
  • Working knowledge of Security Development Lifecycle (SDL) and security software assurance techniques.
  • Experience working with crypto libraries (e.g. openSSL, bouncycastle), PKI or Active Directory security.
  • Excellent academics – good A-level results combined with a 2.1 or better from a top university in computer science/software engineering.
  • Excellent communication skills – the successful candidate will act as a conduit between the information security team and the other developer teams within the business.
  • Candidates from all commercial backgrounds are encouraged to apply. We are considering candidates with varying levels of experience.