Cybersecurity Engineer (Technology Risk & Blue Team)
We are a MAS licensed startup that has been in business for the past 5 years. We have recently been recognized as the PayTech of the Year at 2024 Asia FinTech Awards. With a profitable MVP, we are now focused on scaling our business model globally.
The Cybersecurity Engineer (Technology Risk & Blue Team) play a critical role in managing technology risk, IT audits, security operations, and compliance.
What You’ll Do:
1. Technology Risk Assessment for Regional Regulatory Compliance
- Conduct technology risk analysis, ensuring alignment with business and regional regulatory requirements.
- Maintain, document and update changes to policies, SOPs, artifacts, risk registers, etc.
- Perform Level 1 risk assessments for vendor assessment (TPRM), regulatory and licensing adherence.
- Prepare and submit documentation for global digital payment licensing and regulatory compliance.
- Actively engage in certification, auditing, findings , assessment and compliance efforts.
2. Blue Team Operations
- Conduct detailed assessment & audit on all security controls, esp. email, endpoints, app., data, etc.
- Perform Level 1 configuration, settings & baselines, for MDM, endpoint, IAM, PAM, xDR, SIEM, data & network security, according to NIST, ENISA, CISA and MITRE framework protocols.
- Perform Level 1 documentation efforts, including mapping, inputs, configuring, track & monitor, etc.
- Collaborate, and follow-up with other key technical team members and HODs.
3. Data Protection & Privacy
- Perform data protection measures including encryption, tokenization, DLP solutions, etc.
- Ensure compliance with GDPR, PDPA, and other data privacy regulations.
- Perform IAM/PAM configuration & policies, secure authentication, and third-party security assessments.
- Develop and maintain policies for data lifecycle management including data classification, retention, backup, and disposal.
What We’re Looking For:
- Min. 3 years of experience in technology risk, blue team operations, and regulatory compliance.
- Diploma or Degree in IT, cybersecurity, or related field.
- Proficient in both English and Mandarin as you will need to work closely with Chinese vendors.
- Experience in digital payments, financial services, or banking is preferred.
- Expertise in technology risk, defensive strategies, endpoint security, IAM, PAM, and access control.
- Strong knowledge of security frameworks, layered defense, SIEM, endpoint & VPN security, DLP, etc.
- Familiarity with vulnerability management, and security configuration and automation.
- Relevant certifications such as Comptia Security+, CEH, or vendor/industry certifications is an added advantage.
Benefits
Competitive compensation and benefits packages
Regional exposure and career growth opportunities
Opportunity to work with a dynamic and innovative digital payments
Exposure to cross-functional collaboration and involvement
Mentorship and guidance from experienced professionals