Responsibilities

📍. Lead the Security Engineering team with a focus on corporate IT, cloud, infra and networking, and applications. 📍. Lead and conduct VAPT/SAST/DAST/MAST activities etc, Source code review and threat modelling on various platforms such as infrastructure, web application and mobile applications 📍. Author documentation of findings, analysis, remediation recommendations, report preparation and presentation of identified vulnerabilities/weakness 📍. Lead the implementation and operation of secure development lifecycle and automation of security tools and scanner to ensure our products and systems are secure 📍. Develop attack techniques, tool/ exploit development, intelligence analysis and adversarial tactics 📍. Provide guidance to application and devops team on security best practices 📍. Support remediation effort and track open issues and follow up to ensure remediation 📍. Evaluate and implement new technologies while keeping in view the cybersecurity risks, technology risks and regulatory compliance; 📍. Involve in reviewing various security aspects for new initiatives that interface and connect with external parties (like those involved in leveraging open standards and APIs); 📍. Develop and implement a Cloud Security Design review process for cloud computing use, including IAAS, PAAS and SAAS implementations; Provide advice on data protection and security controls in Big Data and data analytic implementations;
📍. To provide and bring in technical expertise to validate application, cloud and corporate office architecture, design, code, and implementation according to security standards across the company 📍. IT architecture and Platform suite including Data. 📍. To Implement and manage security components within the platform (AWS Cloud implementation) around automation, access controls, compliance, alerting, and monitoring. 📍. To recognize areas of security improvements within the platform and support a secure continuous delivery approach. 📍. To assess the current Platform infrastructure and work with leaders to develop strategies and a roadmap for improvement. 📍. Lead and implement endpoint security controls and security hardening baseline across all endpoints including system logging.

Requirements

📍. Bachelor's degree in Cybersecurity, Computer Science, or similar. 📍. 10+ years working in a security engineering role within a crypto, web3, tech or banking company, with 2 years in a leadership role. 📍. Ability to to communicate effectively in English and Chinese 📍. A passion for solving complex challenges in high-growth startups. 📍. Self-motivation and drive to learn new skills. 📍. Recognized training or cybersecurity certifications (e.g., OSCP, OWSP, OSEP, OSWA or OSWE). 📍. In-depth understanding of common attacker tools and techniques, incident response, and prevention. 📍. Experience with AWS, and other cloud platforms is preferred. 📍. Experience with Okta, GSuite,PAM and cloud-based ZTNA services is preferred. 📍Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience. 📍. Experience with Python, Java, Terrafor, and/or Kubernetes. 📍. Strong knowledge of common software development tools and infrastructure, including CI/CD tooling and pipelines. 📍. Published articles, journals, or blogs related to cybersecurity.