Job Description
Security Engineer/Senior Security Engineer This role focuses on implementing and advancing the company's Secure Software Development Lifecycle (S-SDLC), covering security requirements, code audits, testing, deployment, and continuous operations.
Key Responsibilities
- Drive S-SDLC implementation: security requirement analysis, secure code review, penetration testing, secure deployment, and operational security maintenance.
- Maintain and optimize security platforms/tools including EDR, Zero Trust, IAM, DLP, WAF, and other cybersecurity products.
- Conduct log analysis and alert monitoring using SOC/SIEM platforms for incident triage, classification, and post-mortem reviews.
- Manage vulnerability lifecycle: monitoring, risk assessment, remediation tracking, verification testing, and process improvement.
- Provide security consultancy: risk assessments, secure operation guidance, and security best practice recommendations across teams.
Job Requirements
- 2+ years experience in product security/SecOps/security operations. Bachelor's degree or above preferred, especially in Computer Science or Cybersecurity.
- Solid understanding of networking fundamentals, system administration, and common vulnerability patterns with mitigation strategies.
- Proficiency with security tools/platforms and ability to interpret attack patterns/security alerts.
Preferred Qualifications
- Risk ownership: Strong sense of responsibility with ability to track vulnerabilities/incidents to resolution.
- Collaboration skills: Effective communicator who can align technical teams on risk remediation.
- Process orientation: Ability to document procedures, create SOPs, and produce post-incident reports.
- Continuous learning: Willingness to expand technical knowledge through hands-on practice.
- Flexibility: Initial 6-month remote work in China, followed by relocation opportunities to Bangkok/Kuala Lumpur with distributed work arrangements.
Career Development
This position offers significant growth potential in international cybersecurity operations with exposure to cutting-edge security technologies and cross-border collaboration opportunities in Southeast Asian markets.
