Senior Application Security Engineer - Quantitative Trading

Our client is a world-leader in systematic, technology-driven trading, operating 24/7 across all global liquid asset classes. They are a science-first organization where a culture of deep collaboration, innovation, and rigorous research is essential to solving the most complex challenges in finance. This is a rare opportunity to join a high-performance, non-bureaucratic environment where technology is the core of the business, not a cost center. The Role We are looking for a high-impact Senior A

Pinpoint Asia - Hong Kong - Full time

Salary: HK$80k - HK$110k per month + Performance Bonus & Medical

Our client is a world-leader in systematic, technology-driven trading, operating 24/7 across all global liquid asset classes. They are a science-first organization where a culture of deep collaboration, innovation, and rigorous research is essential to solving the most complex challenges in finance.

This is a rare opportunity to join a high-performance, non-bureaucratic environment where technology is the core of the business, not a cost center.

The Role

We are looking for a high-impact Senior Application Security Engineer to secure the firms most critical asset: its core, high-performance trading infrastructure.

This is a key architecture and design role. You will be a hands-on technical leader and a trusted partner to elite engineering and product teams. Your mission is to champion a "secure by design" ethos and embed security into the DNA of the firm's systems. You will be empowered to architect, review, and validate security controls that enable the business to move fast, safely.

(Note: This role is focused on defensive architecture, secure development, and risk assessment, not offensive security or penetration testing.)

Key Responsibilities

  • Secure Architecture: Lead the design, implementation, and validation of security controls and reference architectures for a complex hybrid environment (AWS, on-prem, and colocation).
  • Risk Assessment: Conduct threat modeling and technical risk assessments for new and existing trading systems, applications, and infrastructure to identify and mitigate design-level flaws.
  • Secure the SDLC: Champion "shift-left" security principles. You will partner directly with developers to perform deep security code reviews , integrate security tooling, and resolve design-stage risks.
  • Act as Subject Matter Expert: Serve as the firm's technical authority on application, network, and cloud security, providing expert guidance and mentorship to engineering teams.
  • Drive & Automate: Drive security research, custom tool development, and automation to scale the security function and continuously improve the firm's resilience.
  • Communicate & Influence: Report on security posture, gaps, and recommendations to technical and business stakeholders, influencing strategy through clear, factual reasoning.

What We're Looking For (Requirements)

  • Experience: 5-10+ years of deep, hands-on experience in Application Security, Security Architecture, or Product Security.
  • Technical Expertise: Expert-level understanding of security principles, vulnerability classes, and mitigation strategies (e.g., OWASP Top 10, CWE).
  • Proven Skills: Proven, hands-on experience with threat modeling (e.g., STRIDE), technical risk assessments, and secure architecture design.
  • Engineering Background: A strong technical foundation in software development (e.g., Python, C++, Go) and the ability to perform detailed security code reviews.
  • Modern Infrastructure Security: Expertise in securing modern infrastructure, including cloud (AWS preferred), on-premise systems, data stores, and containerized environments (e.g., Kubernetes).
  • Communication: Exceptional communication and leadership skills. You must have the ability to explain complex vulnerabilities to developers and business risks to stakeholders.

The Ideal Candidate

  • Is intellectually curious, humble, and driven by a continuous learning mindset.
  • Is a natural collaborator who thrives in a team-oriented, high-performance environment.
  • Has a strong "builder" and "architect" mentality.
  • Can manage multiple, complex projects and deliverables without close supervision.
  • Experience in finance (HFT, quantitative trading, or fintech) is a significant advantage, but not essential for a candidate with exceptional technical depth.

If this outstanding opportunity sounds like your next career move, please submit through "Apply Now" or send your resume in Word format to Danny Kwan at resume@pinpointasia.com and put Senior Application Security Engineer - Quantitative Trading in the subject header.

Data provided is for recruitment purposes only.

_________________________________________________________

Headquartered in Hong Kong, Pinpoint Asia is the go-to Specialist Firm for Technology Recruitment

We are a team of specialist tech recruiters (many of our recruiters come from an IT background) and we serve a wide range of clients, all the way from tech startups (especially FinTech) to some of the top Financial Institutions on Wall Street and several other large scale enterprises in other industries.

Our significant market reputation and status as the leading search firm for many of our clients is a direct result of our strong industry relationships, intimate understanding of the marketplace and proven ability to deliver results.

Our vision isto help companies hire smarter and help job seekers get closer to their career aspirations.

To see all our open jobs please reach out to us at https://pinpointasia.com/job-search/ (EA License #79256)

We are also seeking top-calibre candidates for the following exciting roles:

1) Python Developer (Quantitative Focus)- Leading Investment Bank

2) Technical Trading Operations Analyst (HFT / Systematic Trading)

3) IT Procurement Officer - Financial Services Industry

Apply
23389330
Ad