Cybersecurity Engineer (Technology Risk & Blue Team)

Cybersecurity Engineer (Technology Risk & Blue Team)

Team

IT

Location

Malaysia

Type

Full-Time

We are a MAS licensed startup that has been in business for the past 5 years. We have recently been recognized as the PayTech of the Year at 2024 Asia FinTech Awards. With a profitable MVP, we are now focused on scaling our business model globally.

The Cybersecurity Engineer (Technology Risk & Blue Team) play a critical role in managing technology risk, IT audits, security operations, and compliance.

What You’ll Do:

1. Technology Risk Assessment for Regional Regulatory Compliance

  • Conduct technology risk analysis, ensuring alignment with business and regional regulatory requirements.
  • Maintain, document and update changes to policies, SOPs, artifacts, risk registers, etc.
  • Perform Level 1 risk assessments for vendor assessment (TPRM), regulatory and licensing adherence.
  • Prepare and submit documentation for global digital payment licensing and regulatory compliance.
  • Actively engage in certification, auditing, findings , assessment and compliance efforts.

2. Blue Team Operations

  • Conduct detailed assessment & audit on all security controls, esp. email, endpoints, app., data, etc.
  • Perform Level 1 configuration, settings & baselines, for MDM, endpoint, IAM, PAM, xDR, SIEM, data & network security, according to NIST, ENISA, CISA and MITRE framework protocols.
  • Perform Level 1 documentation efforts, including mapping, inputs, configuring, track & monitor, etc.
  • Collaborate, and follow-up with other key technical team members and HODs.

3. Data Protection & Privacy

  • Perform data protection measures including encryption, tokenization, DLP solutions, etc.
  • Ensure compliance with GDPR, PDPA, and other data privacy regulations.
  • Perform IAM/PAM configuration & policies, secure authentication, and third-party security assessments.
  • Develop and maintain policies for data lifecycle management including data classification, retention, backup, and disposal.

What We’re Looking For:
  • Min. 3 years of experience in technology risk, blue team operations, and regulatory compliance.
  • Diploma or Degree in IT, cybersecurity, or related field.
  • Proficient in both English and Mandarin as you will need to work closely with Chinese vendors.
  • Experience in digital payments, financial services, or banking is preferred.
  • Expertise in technology risk, defensive strategies, endpoint security, IAM, PAM, and access control.
  • Strong knowledge of security frameworks, layered defense, SIEM, endpoint & VPN security, DLP, etc.
  • Familiarity with vulnerability management, and security configuration and automation.
  • Relevant certifications such as Comptia Security+, CEH, or vendor/industry certifications is an added advantage.

Benefits
checkmark

Competitive compensation and benefits packages

checkmark

Regional exposure and career growth opportunities

checkmark

Opportunity to work with a dynamic and innovative digital payments

checkmark

Exposure to cross-functional collaboration and involvement

checkmark

Mentorship and guidance from experienced professionals

Apply