Head of Security Engineering

The Firm:

Brevan Howard Asset Management is one of the leading absolute return/hedge fund managers, overseeing assets on behalf of institutional investors from around the world, including pension funds, endowments, insurance companies, government agencies, private banks, and fund of funds.

Brevan Howard was founded in 2002 and launched its flagship global macro strategy in April 2003. The firm currently manages over $35bn and engages predominantly in discretionary directional and relative value trading in fixed income, FX markets, and equities. BH Digital, a division within Brevan Howard that manages crypto and digital asset strategies was launched in 2022.

The firm currently employs over 1,000 personnel worldwide, including over 400 investment professionals. This global presence gives Brevan Howard the ability to identify and source attractive investment opportunities, as well as investment management talent wherever they may be. Brevan Howard has won several industry awards for excellence in risk management, operational robustness, and investment performance. The firm's main hubs are in London, Jersey, Geneva, New York, Austin, Hong Kong, Singapore, and Abu Dhabi.

The Department:

The Information Security Team is responsible for protecting the company's infrastructure, intellectual property and digital assets. The team has a broad scope of responsibilities and tackles projects in different security verticals (IAM, GRC, Cloud Security, Application Security, Detection and Response, etc.)

We are in a build phase at present.

In this role, you will have the opportunity to work on various projects based on your skillset, experience, career goals and the team's priorities.

The Role

This is a hands on Security Engineering role, defining and delivering against the strategy for a range of areas including:

• Endpoint security / EDR
• Vulnerability Management
• Cloud security
• Email Security
• Security testing
• Secure by Design / Application Security / DevSecOps
• The security of AI/LLM/Agentic ecosystems.

The ambition for this role is to own the engineering part of our defence-in-depth InfoSec strategy, taking an automation-first approach. This will involve the maturing of existing controls and building new controls via the selection and integration of best-of-breed products alongside emerging suppliers and open-source tools. We actively encourage the use of modern AI tooling where practical.

As a core member of the CISO's security leadership team this role will work closely with peers including Security Operations (in defining requirements and during live incidents) and Identity and Access Management.

The role will also interact with partners in our Technology organisation and beyond - who we rely on to deploy our tools, and who rely on us to provide security advice and approvals.

This role will suit technical candidates with a strong cyber security background in the financial or tech sector. We are open to applications from candidates who are in a similar position looking for a new challenge, as well as candidates for whom this will be a step-up into a first head-of position.

MAIN DUTIES/RESPONSIBILITIES OF THE ROLE:

Essential Responsibilities:

• Lead the SecEng Function
• Be pragmatic and commercially driven, positioning the security function as an enabler for the business.
• Work to design, develop and execute on the InfoSec strategy.
• Build and mature the firm's security controls
• Own the relationship with key stakeholders across the firm to inform the Security requirements, roadmap and priorities.
• Assist the Head of SecOps on security incidents, investigations and remediation.
• Lead Red Teaming and/or penetration testing.
• Advocate of the principle of shift left and approach to DevSecOps

Person Specification

WORK EXPERIENCE/BACKGROUND

Essential

• Professional hands-on experience with a programming or scripting language, e.g. Java, Golang, Python, Bash, Node.js, etc.
• Experience working in a dynamic, fast paced environment
• Strong experience in securing Cloud environments, AWS, Azure, GCP and ideally with CNAPP technology
• Deep understanding of Operating System security, Windows & Linux
• Strong knowledge around cryptographically securing data, assets and infrastructure

Desirable

• Strong experience in securing microservice architecture e.g. Kubernetes, Docker
• Experience with application security toolsets such as SAST, DAST, SCA and secret scanning
• Experience in securing CI/CD pipelines and Infrastructure-as-Code
• Experience in managing internal or external vulnerability assessments such as pentests, red team etc.
• Professional experience within financial services