Guard the Fort: Cybersecurity Engineer for Southeast Asia's Fintech Leader
At BJAK, we're not just building fintech; we're building trust. As Southeast Asia's leading digital insurance platform, millions rely on our technology every day – from real-time insurance quoting to seamless payments and automated claims. That's why cybersecurity isn't just a department; it's the bedrock of our operations.
We're seeking a battle-tested Cybersecurity Engineer to take ownership of our security posture and defend our digital assets. This isn't a role for spectators. We need a builder, a monitor, a responder, and a threat hunter, ready to harden our defenses in real-time and anticipate the next wave of attacks.
Reporting directly to senior management, you'll have the autonomy and responsibility to make a real impact. If you're driven by high stakes, energized by rapid execution, and thrive on owning complex challenges, you've found your tribe.
Your Mission:
Command the Security Landscape: Own end-to-end cybersecurity across our entire infrastructure, including cloud environments, endpoints, and applications.
Hunt and Neutralize Threats: Monitor SOC alerts, conduct in-depth threat intelligence analysis, and lead incident response from initial detection to complete resolution.
Fortify Our Defenses: Implement, configure, and manage critical security platforms, including EDRs, firewalls, antivirus, and intrusion detection systems.
Identify and Eliminate Weaknesses: Conduct vulnerability assessments and penetration testing, prioritize risks, and proactively implement remediation strategies.
Champion Secure Development: Drive DevSecOps practices throughout the software development lifecycle, ensuring security is baked into every stage.
Secure the Cloud Frontier: Evaluate and harden our cloud infrastructure (GCP, AWS, or Azure), focusing on identity and access controls, encryption, and comprehensive audit logging.
Lead the Charge on Compliance: Manage security audits and support regulatory compliance efforts, adhering to frameworks like ISO 27001, NIST, and other relevant standards.
Collaborate and Educate: Work closely with cross-functional teams (DevOps, Compliance, Legal, Product) to cultivate a security-first culture across the organization.
Train the Troops: Conduct engaging security awareness training and simulate real-world attack scenarios to empower our employees to be the first line of defense.
Own the Risk: Maintain the security risk register and continuously improve our controls to address emerging threats.
Engage the Allies: Interface with external auditors, regulators, and third-party vendors to demonstrate our security readiness and swiftly address any findings.
You're the Right Candidate If You:
Are an Owner, Not a Renter: You take full responsibility and drive action without hesitation.
Stay Cool Under Fire: You remain calm, decisive, and effective during high-pressure incidents.
Are Self-Reliant and Proactive: You anticipate needs and take initiative without waiting for instructions.
Embrace Versatility: You're comfortable juggling multiple priorities and adapting to changing demands.
Are Passionate About Protection: You're deeply committed to safeguarding our users, systems, and business integrity.
Are a Fixer, Not a Complainer: You identify and resolve issues, even if they're outside your immediate scope.
Value Speed and Clarity: You prioritize delivering tangible results with speed and precision.
Want to Make a Difference: You're excited to join a high-performing team where your work directly impacts millions of users.
Your Arsenal:
Bachelor's degree in Computer Science, Cybersecurity, or a related technical field.
3+ years of hands-on experience in cybersecurity or information security, ideally in fast-paced or regulated environments.
Deep expertise in cybersecurity tools and practices, including EDR, firewalls, SIEM, IDS/IPS, and antivirus platforms.
A proven track record of successfully handling security incidents, performing root cause analysis, and implementing effective controls.
Hands-on experience with cloud security (GCP, AWS, Azure), including IAM, encryption, and cloud-native threat modeling.
Familiarity with relevant regulatory and compliance frameworks (e.g., ISO 27001, NIST, HIPAA, local data protection laws).
A solid understanding of DevSecOps principles, secure software development practices, and CI/CD pipeline security.
Excellent communication skills, with the ability to clearly articulate security concepts to both technical and non-technical audiences.
Bonus points for immediate availability.
Bonus XP:
Industry certifications such as CISSP, CEH, OSCP, or equivalent.
Experience in fintech, banking, or other high-risk digital platform environments.
Experience interfacing with auditors, regulators, or compliance committees.
Familiarity with ethical hacking, red teaming, or adversary simulation tools.
Scripting or automation skills to enhance security operations at scale.
Our Culture: Built for Speed, Driven by Trust
We're not your typical corporate environment. We're a fast-moving, high-trust startup where impact trumps titles. We tackle challenging problems head-on, prioritize execution above all else, and empower every team member to think independently, act decisively, and take full ownership.
At BJAK, security is a leadership imperative. If you're ready to take a seat at the table, advocate for best practices, and champion a culture of security, you'll thrive here. We value clarity, urgency, and results – not bureaucracy.
The Perks:
Competitive salary and performance-based bonuses.
A hybrid working model that offers autonomy and flexibility.
Direct access to senior leadership and exposure to strategic decision-making.
A high-impact role where your work directly protects millions of users.
The chance to shape BJAK's security architecture from the ground up.
Rapid professional growth within a mission-driven fintech company.
About BJAK: Securing Southeast Asia's Financial Future
BJAK is the leading digital insurance platform in Southeast Asia, headquartered in Malaysia with operations spanning Thailand, Taiwan, and Japan. We're dedicated to providing millions of users with transparent, affordable financial protection through Bjak.com.
We're revolutionizing complex financial services through automation, AI, and secure digital infrastructure, making finance faster, smarter, and safer for everyone.
If you're a cybersecurity professional who thrives in a fast-paced, high-stakes environment and is ready to lead the charge in protecting our users and our platform, we want to hear from you.