FinX aims to build a digital financial platform that will deliver on the promise of simplicity, technological advancement, and superior customer products & services for millions of people in Vietnam.
As a Security Engineer, you’ll be part of a friendly and supportive Hosting & Reliability Engineering team within a company that has a fantastic culture, adopts public cloud, modern tools and technologies.
Responsibilities
- Have full autonomy to shape the team, culture, ways of working and your career paths
- Be responsible for the security governance of various cloud native applications & services
- Partner with Product & Engineering teams to identify cyber security risks on our platform and define tactical & strategic mitigation plans
- Conduct complete security lifecycle architecture and technical assessments, including but not limited to design requirements assessment, threat modeling, and risk assessment
- Build and champion a standardized set of security requirements and design patterns for internal systems and product offerings
- Maintain SLA’s by observing and analyze our platform for new/existing vulnerabilities
- Proactively identify & detect false-positives and logic changes
- Actively participate in company’s Software Development Lifecycle (SDLC)
- Monitor current and proposed laws, regulations, industry standards and ethical requirements related to privacy and information security
- Influence security strategy and roadmap by leveraging the collective strength of the security team and articulating the capabilities needed to effectively manage the cyber security risk
- Drive security QBR in partnership with Product & Engineering teams
- Represent the company within the security community and with customers on topics related to the security of the company’s products and services
- Report to Head of Hosting and Reliability Engineering.
Qualification and Requirements
- Extensive knowledge at all layers of the information security stack with hands-on security engineering experience on AWS, GCP, Azure, TF, Kubernetes, etc.
- Working experience in a security focused role in the technology or other technology heavy industry (e.g. Financial Services)
- Consistent track record designing and integrating security controls in cloud-based architectures
- Significant experience conducting threat modeling and risk assessments of cloud services, demonstrating clear ability to identify unique vulnerabilities
- Experience with collaborating with engineering teams on design and implementation of best practices for security as code
- Have the mindset of “First-Time-Right” and “Secure-By-Default”
- Working knowledge of the MITRE ATT&CK, NIST CSF, and CIS Critical Control frameworks
- Fluent in English
What we can offer?
- Attractive income (base salary & performance bonus) in Viet Nam fintech markets
- Full-salary paid for social insurance & Premium healthcare package
- 20 days of annual leave, 10 days of sick leave and public holidays.
- Devices provided (MacBook, mouse, monitor…)
- Frequent team bonding and company activities/ events.
- Work in a newly innovated office and open working space.
- Improve English skills, learn more about thinking and working style. Fully adopt Agile way of working, lean team structure.
- Working with many talented people with good manners from 13 various cultural backgrounds: US, UK, India, China, Spain, etc.
- Empowered to listen to creative ideas, and there is no distance between bosses and employees.
FinX begins to establish and bridge new fintech businesses in order to create a better tomorrow for Vietnamese people. Here is an inspired working environment where you will be able to access and experience cutting-edge technologies in industry and creativity