Secure the Future of Fintech in Southeast Asia
At BJAK, we're revolutionizing financial services across Southeast Asia, and technology is at the heart of it all. From instant insurance quotes to automated claims, we're building the future of fintech. But with millions of users and rapid growth comes a critical need: world-class security. That's where you come in.
We're seeking a battle-tested Security Engineer to champion the protection of our platforms, devices, and data. This isn't a desk job. This is a high-impact role for a proactive problem-solver who can build, monitor, respond, and harden our systems against evolving threats, all while staying one step ahead.
Reporting directly to senior management, this role demands someone who thrives under pressure, embraces fast execution, and owns their outcomes. If you're seeking a predictable 9-to-5, look elsewhere. But if you operate with urgency, think like an owner, and are driven by complex security challenges, you'll find your home here.
Your Mission:
Be the Shield: Own end-to-end cybersecurity across our entire landscape: infrastructure, cloud, endpoints, and applications.
Hunt and Eliminate Threats: Monitor SOC alerts, conduct in-depth threat intelligence analysis, and lead incident response from initial detection to complete resolution.
Fortify Our Defenses: Implement, configure, and manage our suite of security tools, including EDRs, firewalls, antivirus, and intrusion detection systems.
Proactively Harden: Perform vulnerability assessments and penetration testing, prioritize risks, and implement fixes before they become problems.
Embed Security in Development: Champion DevSecOps practices throughout the software development lifecycle, ensuring security is baked in from the start.
Secure the Cloud: Evaluate and secure our cloud infrastructure (GCP, AWS, or Azure), focusing on IAM, encryption, and comprehensive audit logging.
Ensure Compliance: Lead security audits and support regulatory compliance efforts, adhering to frameworks like ISO 27001, NIST, and other relevant standards.
Collaborate and Educate: Partner with cross-functional teams (DevOps, Compliance, Legal, Product) to cultivate a security-first culture across the organization.
Train the Team: Conduct engaging security awareness training and simulate real-world attacks to enhance employee readiness.
Manage Risk: Maintain the security risk register and continuously improve controls to address emerging threats.
Interface with Stakeholders: Work directly with external auditors, regulators, and third-party vendors to demonstrate our security posture and resolve any findings efficiently.
Are You Our Ideal Candidate?
You act like an owner – no excuses, just results.
You remain calm under pressure and make decisive decisions during incidents.
You're self-motivated and proactive; you don't wait for instructions.
You're comfortable juggling multiple responsibilities and adapting to changing priorities.
You're passionate about protecting our users, systems, and the integrity of our business.
You proactively identify and fix problems, even outside your immediate responsibilities.
You prioritize speed, clarity, and delivering tangible outcomes.
You want to be part of a high-performing team where your contributions directly impact millions of users.
What You'll Bring to the Table:
Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field.
3+ years of hands-on experience in cybersecurity or information security roles, ideally in high-growth or regulated industries.
Deep understanding of cybersecurity tools and practices, including EDR, firewalls, SIEM, IDS/IPS, and antivirus platforms.
Proven track record of successfully handling security incidents, performing root cause analysis, and implementing effective controls.
Experience with cloud security (GCP, AWS, Azure) and a working knowledge of IAM, encryption, and cloud-native threat modeling.
Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, HIPAA, local data protection laws).
Solid understanding of DevSecOps, secure software development, and CI/CD pipeline security.
Excellent communication skills and the ability to clearly articulate security concepts to both technical and non-technical audiences.
Immediate availability is a significant plus.
Bonus Points:
Cybersecurity certifications such as CISSP, CEH, OSCP, or equivalent.
Experience in fintech, banking, or another high-risk digital platform environment.
Experience working directly with auditors, regulators, or compliance committees.
Familiarity with ethical hacking, red teaming, or adversary simulation tools.
Scripting or automation skills to improve security operations at scale.
Our Culture: High-Speed, High-Trust
Forget corporate bureaucracy. We're a fast-moving startup where impact matters more than titles. We tackle tough problems head-on, prioritize execution above all else, and empower everyone to think independently and take ownership.
Security at BJAK isn't just a department; it's a leadership-level priority. We're looking for someone who wants a seat at the table, cares about doing things right, and values clarity, urgency, and execution over red tape.
What We Offer:
Competitive salary and performance-based bonuses.
Flexible hybrid working model based on trust and autonomy.
Direct access to senior leadership and visibility into strategic decisions.
A high-impact role with ownership from day one, where your work protects millions of users.
The opportunity to shape BJAK’s security architecture from the ground up.
Rapid career growth in a mission-driven fintech company.
About BJAK
BJAK is the leading digital insurance platform in Southeast Asia. Headquartered in Malaysia with operations in Thailand, Taiwan, and Japan, we empower millions of users with transparent and affordable financial protection through Bjak.com.
We're simplifying complex financial services through automation, AI, and a secure digital infrastructure, making finance faster, smarter, and safer for everyone.
If you're ready to lead cybersecurity in a dynamic startup that demands speed, integrity, and ownership, we want to hear from you. Apply now and help us secure the future of fintech in Southeast Asia!