Defend the Digital Frontier: Cybersecurity Engineer at Southeast Asia's Leading Fintech
At BJAK, we're not just building a fintech platform; we're building trust. We power real-time insurance quotes, secure payments, and automated claims for millions across Southeast Asia. As a rapidly growing company, cybersecurity isn't an afterthought – it's our core.
We're searching for a battle-tested Cybersecurity Engineer to champion the protection of our entire ecosystem: platforms, devices, and critical data. Forget passive monitoring; this is a hands-on role where you'll build, monitor, respond, and harden our systems in real-time, always anticipating the next threat.
Reporting directly to senior management, you'll be a key player in a high-stakes environment where speed, ownership, and decisive action reign supreme. If you thrive on solving complex problems with autonomy and have a burning desire to secure a mission-critical operation, this is your arena.
Your Mission (Should You Choose to Accept It):
Own It All: Lead the end-to-end cybersecurity strategy across our infrastructure, cloud environments, endpoints, and applications.
Hunt and Neutralize: Monitor SOC alerts, conduct in-depth threat intelligence analysis, and orchestrate incident response from initial detection to complete resolution.
Fortify the Defenses: Implement, configure, and maintain cutting-edge security platforms, including EDRs, next-gen firewalls, antivirus solutions, and intrusion detection systems.
Find the Weaknesses: Conduct thorough vulnerability assessments and penetration tests, meticulously prioritize risks, and proactively implement robust fixes.
Secure the Pipeline: Champion DevSecOps practices throughout the entire software development lifecycle, ensuring security is baked in from the very beginning.
Cloud Guardian: Harden and secure our cloud infrastructure (GCP, AWS, or Azure), focusing on robust identity and access controls, data encryption, and comprehensive audit logging.
Compliance Commander: Lead security audits and spearhead regulatory compliance initiatives, adhering to frameworks like ISO 27001, NIST, and other relevant standards.
Collaborate and Conquer: Work hand-in-hand with cross-functional teams (DevOps, Compliance, Legal, Product) to cultivate a strong security culture across the organization.
Train and Prepare: Conduct engaging security awareness training and orchestrate realistic attack simulations to elevate employee readiness and response capabilities.
Manage the Risk: Maintain the security risk register and continuously refine our controls based on the ever-evolving threat landscape.
Interface with Confidence: Engage with external auditors, regulators, and third-party vendors to demonstrate our unwavering security posture and swiftly address any findings.
Are You the Right Operative?
You operate with an owner's mentality – action-oriented, results-driven, and accountable.
You remain calm and decisive under pressure, especially during critical incidents.
You're a self-starter who proactively identifies and tackles challenges without waiting for instruction.
You're adaptable and comfortable juggling multiple priorities in a dynamic environment.
You possess an unwavering commitment to protecting users, systems, and business integrity.
You take the initiative to improve any system or process, regardless of your specific role.
You prioritize speed, clarity, and tangible outcomes over mere activity.
You're eager to join a tight-knit, high-performing team where your contributions directly impact millions of users.
Your Arsenal:
Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field.
3+ years of hands-on experience in cybersecurity or information security, ideally within high-growth or regulated industries.
Deep understanding of cybersecurity tools and practices, including EDR, firewalls, SIEM, IDS/IPS, and antivirus platforms.
A proven track record of successfully managing real-world security incidents, conducting thorough root cause analysis, and implementing effective remediation strategies.
Hands-on experience with cloud security (GCP, AWS, Azure), including IAM, encryption, and cloud-native threat modeling techniques.
Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, HIPAA, local data protection laws).
Solid grasp of DevSecOps principles, secure software development methodologies, and CI/CD pipeline security.
Exceptional communication skills, with the ability to clearly articulate complex technical concepts to both technical and non-technical audiences.
Immediate availability is a significant plus.
Bonus Points:
Relevant cybersecurity certifications (CISSP, CEH, OSCP, or equivalent).
Experience within the fintech, banking, or high-risk digital platform sectors.
Direct experience interacting with auditors, regulators, or compliance committees.
Familiarity with ethical hacking, red teaming, or adversary simulation methodologies.
Proficiency in scripting or automation to enhance security operations at scale.
Our Culture: High-Speed, High-Trust
We're not a bureaucratic corporation – we're a lean, agile startup that moves at warp speed. We tackle challenging problems head-on, prioritize execution above all else, and foster a culture of trust and autonomy. Titles are irrelevant; impact is everything. We expect everyone to think independently, act decisively, and take full ownership of their work.
At BJAK, security is a leadership-level priority. We offer you a seat at the table and encourage you to seize it. If you're passionate about doing things right, not just checking boxes, you'll thrive in our environment. We value clarity, urgency, and execution over unnecessary red tape.
Your Rewards:
Competitive salary and performance-based bonuses.
Flexible hybrid working model based on trust and autonomy.
Direct access to senior leadership and exposure to strategic decision-making.
A high-impact role with ownership from day one – your work directly safeguards millions of users.
The opportunity to shape BJAK's security architecture from the ground up.
Rapid career growth within a mission-driven fintech company backed by cutting-edge technology.
About BJAK:
BJAK is Southeast Asia’s largest digital insurance platform, headquartered in Malaysia with a growing presence in Thailand, Taiwan, and Japan. We empower millions of users to access transparent, affordable financial protection through Bjak.com.
We leverage automation, AI, and secure digital infrastructure to simplify complex financial services, making finance faster, smarter, and safer for everyone.
If you're a cybersecurity professional ready to lead the charge in a dynamic startup environment that demands speed, integrity, and unwavering ownership, we want to hear from you. Apply now and help us secure the future of fintech in Southeast Asia!