Create New Account
Sign up to continue searching for suitable jobs in Web 3.0

OR
Terms of Use
Already have an account?

Log In to Your Account
Log in to continue searching for suitable jobs in Web 3.0

OR
Don’t have an account?
Coins.ph
Security Engineering Team Lead
atΒ Coins.ph
5 months ago | 333 views | 1 applications

Security Engineering Team Lead

Full-time
Shanghai

About the company

Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services. Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

Job Summary

Responsibilities

πŸ“. Lead the Security Engineering team with a focus on corporate IT, cloud, infra and networking, and applications. πŸ“. Lead and conduct VAPT/SAST/DAST/MAST activities etc, Source code review and threat modelling on various platforms such as infrastructure, web application and mobile applications πŸ“. Author documentation of findings, analysis, remediation recommendations, report preparation and presentation of identified vulnerabilities/weakness πŸ“. Lead the implementation and operation of secure development lifecycle and automation of security tools and scanner to ensure our products and systems are secure πŸ“. Develop attack techniques, tool/ exploit development, intelligence analysis and adversarial tactics πŸ“. Provide guidance to application and devops team on security best practices πŸ“. Support remediation effort and track open issues and follow up to ensure remediation πŸ“. Evaluate and implement new technologies while keeping in view the cybersecurity risks, technology risks and regulatory compliance; πŸ“. Involve in reviewing various security aspects for new initiatives that interface and connect with external parties (like those involved in leveraging open standards and APIs); πŸ“. Develop and implement a Cloud Security Design review process for cloud computing use, including IAAS, PAAS and SAAS implementations; Provide advice on data protection and security controls in Big Data and data analytic implementations;
πŸ“. To provide and bring in technical expertise to validate application, cloud and corporate office architecture, design, code, and implementation according to security standards across the company πŸ“. IT architecture and Platform suite including Data. πŸ“. To Implement and manage security components within the platform (AWS Cloud implementation) around automation, access controls, compliance, alerting, and monitoring. πŸ“. To recognize areas of security improvements within the platform and support a secure continuous delivery approach. πŸ“. To assess the current Platform infrastructure and work with leaders to develop strategies and a roadmap for improvement. πŸ“. Lead and implement endpoint security controls and security hardening baseline across all endpoints including system logging.

Requirements

πŸ“. Bachelor's degree in Cybersecurity, Computer Science, or similar. πŸ“. 10+ years working in a security engineering role within a crypto, web3, tech or banking company, with 2 years in a leadership role. πŸ“. Ability to to communicate effectively in English and Chinese πŸ“. A passion for solving complex challenges in high-growth startups. πŸ“. Self-motivation and drive to learn new skills. πŸ“. Recognized training or cybersecurity certifications (e.g., OSCP, OWSP, OSEP, OSWA or OSWE). πŸ“. In-depth understanding of common attacker tools and techniques, incident response, and prevention. πŸ“. Experience with AWS, and other cloud platforms is preferred. πŸ“. Experience with Okta, GSuite,PAM and cloud-based ZTNA services is preferred. πŸ“Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience. πŸ“. Experience with Python, Java, Terrafor, and/or Kubernetes. πŸ“. Strong knowledge of common software development tools and infrastructure, including CI/CD tooling and pipelines. πŸ“. Published articles, journals, or blogs related to cybersecurity.

Similar jobs

about 2 hours ago | 6 views | Be the first one to apply
Full-time
Start-up
Remote
about 3 hours ago | 5 views | Be the first one to apply
Full-time
Remote
1 day ago | 8 views | Be the first one to apply
Full-time
United States
$170,000 To $210,000 per year
1 day ago | 6 views | Be the first one to apply
Full-time
Singapore
$90,000 To $180,000 per year
4 days ago | 35 views | Be the first one to apply
Full-time
San Francisco