Platform Security Engineer (DevSecOps) Contract 

Qube Research & Technologies (QRT) is a technology and data-driven quantitative investment manager. We build systems that directly support research and trading activity. 

As our engineering and research environments scale, manual security, identity, and trust processes increasingly become bottlenecks. 

We're looking for a hands-on engineer to help us replace inconsistent security patterns with scalable platform capabilities that engineers actually want to use. 

What You'll Do 

• Build and operate security platforms as code 

• Automate identity, secrets, and trust workflows 

• Create reusable onboarding and integration patterns 

• Debug production issues across infrastructure, applications, and platforms 

• Help teams adopt secure patterns without slowing delivery 

• Reduce operational toil through automation and platform engineering 

Engineering teams will often have competing business priorities. Success depends on making secure solutions easier to adopt than insecure ones. 

Engineers Who Will Thrive In This Role 

• You automate repetitive work rather than documenting it 

• You ask questions before proposing solutions 

• You enjoy understanding how systems actually work 

• You like solving root causes rather than symptoms 

• You are comfortable working across infrastructure, applications, security, and people 

• You are pragmatic about balancing security, usability, and delivery 

Technologies We Use 

HashiCorp Vault Enterprise, Terraform, Python, Go, Bash, Kubernetes, AWS, GitOps/CI/CD, OIDC/JWT, SailPoint, PrivX and CyberArk. 

What Matters Most 

We are far more interested in: 

• engineering judgement 

• communication 

• systems thinking 

• automation 

• curiosity 

• pragmatism 

than experience with a particular vendor product. 

This is a hands-on production role. You will own the outcomes of the systems you build. 

Anti-Patterns To Avoid 

• Treating security as policy enforcement rather than an engineering problem 

• Optimising for tools rather than outcomes 

• Waiting for perfect requirements before making progress 

• Preferring manual processes over automation 

• Assuming teams will adopt a platform simply because it exists 

The challenge is not deploying Vault. 

The challenge is building secure platform capabilities that survive contact with reality.