Senior Systems Engineer

time left to apply End Date: August 23, 2025 (12 days left to apply)

job requisition id R92319

WELLINGTON MANAGEMENT

Wellington Management offers comprehensive investment management capabilities that span nearly all segments of the global capital markets. Our investment solutions, tailored to the unique return and risk objectives of institutional clients in more than 50 countries, draw on a robust body of proprietary research and a collaborative culture that encourages independent thought and healthy debate. As a private partnership, we believe our ownership structure fosters a long-term view that aligns our perspectives with those of our clients.

The Attack Surface Management team is seeking a Senior Security Engineer to be a key member of our team. There will be a focus on building, maturing, and operationalizing a configuration baselines program spanning physical and virtual systems, serverless workloads, container security, and other platforms. This engineer will assist in minimizing attack surfaces through vulnerability management, managing a baselines program, cloud configuration assessments, incorporating threat intelligence, and building policies, standards, and processes. The ideal candidate is passionate about cybersecurity, curious, and willing to challenge the status quo in Attack Surface Management.

• Develop and mature an internal security hardening and baselines program, ensuring attack surface risk is reduced according to CIS Controls and current cyber threats.
• Assess vulnerabilities and communicate findings to stakeholders, recommending mitigation strategies.
• Use Cloud Native Application Protection Platform (CNAPP) technology to assess findings and advise application teams.
• Act as a security liaison between Security and Development teams, providing security recommendations for the CI/CD pipeline.
• Stay updated on cyber threats and participate in mapping threats to our attack surface.
• Review threat intelligence sources for vulnerabilities relevant to Wellington.
• Engage with third-party vendors to understand exposure to vulnerabilities.
• Contribute to team documentation and policies.

• Passion for cybersecurity.
• Self-motivated, curious, and proactive in risk assessment.
• BSc in Information Systems or related field, or equivalent experience.
• Experience developing processes for evolving attack surfaces.
• Excellent communication skills for diverse audiences.
• Effective in global team collaboration.
• Mentorship abilities for junior team members.

• Experience with CIS Controls and risk assessment programs.
• Knowledge of cyber-attack types like DDoS, SQLi, XSS.
• Hands-on with vulnerability assessment tools and frameworks (CVE, CVSS, EPSS).
• Experience assessing and communicating security risks.
• Proficiency in scripting languages like Python.
• Knowledge of Infrastructure as Code, especially AWS.
• Understanding of network architecture and software development.
• Familiarity with threat intelligence feeds.
• Preferred: Experience with Splunk, Qualys, WIZ, Artifactory, AWS CloudFormation.
• Preferred: AWS services knowledge.
• Preferred: Personal labs, security meetups, research.

JOB TITLE: Senior Systems Engineer

JOB FAMILY: Systems Administration

LOCATION: London

We encourage candidates who believe they can excel in this role to apply, even if they do not meet 100% of the qualifications. We value diversity and inclusion, considering a broad range of experiences and backgrounds.

Wellington Management is an equal opportunity employer. For accommodations during the application process, contact us at GMWTalentOperations@wellington.com.

Our work model involves 4 days in the office and 1 day remote per week to foster community and flexibility.

Founded in 1928, Wellington Management is a leading independent investment management firm serving clients worldwide. We are committed to diversity, inclusion, and long-term investment excellence, fostering a collaborative culture where diverse perspectives lead to better decisions.