We are a MAS licensed startup that has been in business for the past 5 years. We have recently been recognized as the PayTech of the Year at 2024 Asia FinTech Awards. With a profitable MVP, we are now focused on scaling our business model globally.

The Cybersecurity Engineer (Technology Risk & Blue Team) play a critical role in managing technology risk, IT audits, security operations, and compliance.

What You’ll Do:

1. Technology Risk Assessment for Regional Regulatory Compliance

• Conduct technology risk analysis, ensuring alignment with business and regional regulatory requirements.
• Maintain, document and update changes to policies, SOPs, artifacts, risk registers, etc.
• Perform Level 1 risk assessments for vendor assessment (TPRM), regulatory and licensing adherence.
• Prepare and submit documentation for global digital payment licensing and regulatory compliance.
• Actively engage in certification, auditing, findings , assessment and compliance efforts.

2. Blue Team Operations

• Conduct detailed assessment & audit on all security controls, esp. email, endpoints, app., data, etc.
• Perform Level 1 configuration, settings & baselines, for MDM, endpoint, IAM, PAM, xDR, SIEM, data & network security, according to NIST, ENISA, CISA and MITRE framework protocols.
• Perform Level 1 documentation efforts, including mapping, inputs, configuring, track & monitor, etc.
• Collaborate, and follow-up with other key technical team members and HODs.

3. Data Protection & Privacy

• Perform data protection measures including encryption, tokenization, DLP solutions, etc.
• Ensure compliance with GDPR, PDPA, and other data privacy regulations.
• Perform IAM/PAM configuration & policies, secure authentication, and third-party security assessments.
• Develop and maintain policies for data lifecycle management including data classification, retention, backup, and disposal.

What We’re Looking For:

• Min. 3 years of experience in technology risk, blue team operations, and regulatory compliance.
• Diploma or Degree in IT, cybersecurity, or related field.
• Proficient in both English and Mandarin as you will need to work closely with Chinese vendors.
• Experience in digital payments, financial services, or banking is preferred.
• Expertise in technology risk, defensive strategies, endpoint security, IAM, PAM, and access control.
• Strong knowledge of security frameworks, layered defense, SIEM, endpoint & VPN security, DLP, etc.
• Familiarity with vulnerability management, and security configuration and automation.
• Relevant certifications such as Comptia Security+, CEH, or vendor/industry certifications is an added advantage.

Benefits

Competitive compensation and benefits packages

Regional exposure and career growth opportunities

Opportunity to work with a dynamic and innovative digital payments

Exposure to cross-functional collaboration and involvement

Mentorship and guidance from experienced professionals