Cybersecurity Engineer: Defend Southeast Asia's Leading Fintech Platform
At BJAK, we're revolutionizing financial services across Southeast Asia. Millions of users rely on our platform for everything from real-time insurance quotes to automated claims processing. We're not just building a business; we're building trust. That's where you come in.
We're seeking a sharp, driven Cybersecurity Engineer to take ownership of our security posture. This isn't a back-office role. This is a high-impact, hands-on opportunity to build, monitor, and defend our infrastructure against evolving threats. If you're ready to take the lead in a fast-paced environment and protect a platform that impacts millions, let's talk.
Your Mission:
Be the Shield: Own and drive the end-to-end cybersecurity function across infrastructure, cloud, endpoints, and applications. You're the first and last line of defense.
Hunt and Neutralize: Monitor SOC alerts, conduct threat intelligence analysis, and lead incident response from detection to swift resolution.
Fortify the Defenses: Implement, configure, and manage critical security platforms like EDRs, firewalls, antivirus, and intrusion detection systems.
Proactive Risk Mitigation: Perform vulnerability assessments and penetration testing, prioritize risks, and implement fixes before they become problems.
Embed Security Everywhere: Drive DevSecOps practices across the entire software development lifecycle, ensuring security is baked in, not bolted on.
Cloud Guardian: Evaluate and secure our cloud infrastructure (GCP, AWS, or Azure), with a focus on identity and access controls, encryption, and audit logging.
Compliance Champion: Lead security audits and ensure compliance with frameworks like ISO 27001, NIST, and relevant data protection laws.
Collaborate and Educate: Work with cross-functional teams (DevOps, Compliance, Legal, Product) to foster a strong security culture across the company.
Train the Troops: Conduct security awareness training and simulate real-world attack scenarios to prepare our employees for potential threats.
Own the Risk Landscape: Maintain the security risk register and continuously improve controls in response to evolving threats.
Communicate with Confidence: Interface with external auditors, regulators, and third-party vendors to demonstrate our security readiness and resolve any findings.
Are You the Right Fit?
You think like an owner and take responsibility for your actions.
You thrive under pressure and make sound decisions during incidents.
You're a self-starter who takes initiative without waiting to be told what to do.
You're comfortable wearing multiple hats and juggling shifting priorities.
You're passionate about protecting users, systems, and business integrity.
You're proactive in identifying and addressing problems, even outside your direct responsibilities.
You prioritize speed, clarity, and delivering tangible results.
You're excited to join a high-performing team and make a significant impact.
What You Bring to the Table:
Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or a related field.
3+ years of hands-on experience in cybersecurity or information security roles, ideally in a fast-paced or regulated environment.
Deep knowledge of cybersecurity tools and practices, including EDR, firewalls, SIEM, IDS/IPS, and antivirus platforms.
Proven experience handling security incidents, performing root cause analysis, and implementing effective controls.
Experience securing cloud environments (GCP, AWS, Azure), including IAM, encryption, and threat modeling.
Familiarity with regulatory and compliance frameworks (ISO 27001, NIST, HIPAA, etc.).
Solid understanding of DevSecOps, secure software development, and CI/CD pipeline security.
Excellent communication skills and the ability to clearly articulate complex technical concepts.
Immediate availability is a plus.
Bonus Points:
Cybersecurity certifications (CISSP, CEH, OSCP, or equivalent).
Experience in fintech, banking, or another high-risk digital platform environment.
Experience interacting with auditors, regulators, or compliance committees.
Familiarity with ethical hacking, red teaming, or adversary simulation techniques.
Scripting or automation skills for improving security operations.
Life at BJAK:
We're a startup at heart: fast-moving, high-trust, and results-oriented. Titles don't matter here; impact does. You'll have the autonomy to think independently, act quickly, and take full ownership of your work. If you're looking for a place where you can make a real difference, this is it. Security is a top priority at BJAK, and you'll have a direct line to senior leadership.
What We Offer:
Competitive salary and performance-based bonuses.
Hybrid work model with flexibility and trust.
Direct access to senior leadership and strategic decision-making.
A high-impact role with ownership from day one.
The opportunity to shape BJAK's security architecture from the ground up.
Rapid professional growth in a mission-driven fintech company.
About BJAK:
BJAK is Southeast Asia's leading digital insurance platform, operating in Malaysia, Thailand, Taiwan, and Japan. We're committed to making financial protection accessible and affordable for everyone. Join us and help build a safer, more secure future for millions.
Ready to take on the challenge? Apply now and let's build the future of fintech security together.