Lead Security Engineer
Central Singapore, Singapore
Applications have closed
Hex Trust
Access custody, DeFi, brokerage, and financing services built on regulated infrastructure with Hex Trust, fully-licensed and insured digital asset custodian in Asia.ABOUT HEX TRUST
Hex Trust is Asia’s leading provider of digital asset custody solutions for Banks & Financial Institutions, using leading-edge Blockchain technology. Led by innovators from the financial services industry, Hex Trust has built a proprietary platform that delivers a new way for financial institutions, asset managers, and corporations to safely and efficiently operate in the Blockchain ecosystem. Institutional adoption of digital assets and DeFi requires a fundamental shift in the way banks and financial institutions operate. Hex Trust is the link that connects the traditional financial world to the digital assets ecosystem.
POSITION OBJECTIVE
We have a newly created position of Lead Security Engineer to help us grow our Information Security Team. You will be embedded into Hex Trust’s Developer environment, leading the DevSecOps efforts on our platforms. This role is technically hands-on and you, the applicant will need to bring your A game in deploying industry leading SecOps practices, frameworks, tool arsenal, and also be able to help design and architect solutions. The role, while highly technical, is a management position, you need to have experience in leading and managing successful teams. As you can see from our introduction, we are growing fast and attitude, passion and mission focus are just as important to us as your technical ability.
We expect that you are coming from a regulated or licenced environment, so you know how to build systems to conform to frameworks and guidelines such as OWASP, ISO, CIS and MITRE. You thrive in a CI/CD environment working with NodeJS, Typescript, Rust, Python languages and you have exposure or at least an understanding of the DeFi/Blockchain’s world.
DUTIES & RESPONSIBILITIES
- Lead application security reviews and threat modeling, including Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Runtime Application Self-Protection (RASP)
- Working with enterprise wide security architecture for on-prem and cloud-based application security solutions such as SonarQube, Acunetix, Snyk and proficiency Undertake Vulnerability Management (Code, Application, Platform and System) activities to help protect the enterprise.
- Experience in working with Container environments on Docker, Terraform, Nomad, Consul and Ansible. The applicant should possess one or more common languages NodeJS, Typescript, Rust, Python.
- Ability to articulate complex topics (written and verbal) to both a technical and non technical audience.
- A strong team leader and people manager capable of demonstrating solid work ethic and commitment to achieving team and organisation goals.
Requirements
- University degree (Information Security)
- SANS Institute, ISC2 or ISACA certifications such as : CISSP, GPYC, GEVA, GWAPT CISM,CASE, CASS, CSSLP, GWEB, GCPN
- Have significant integration experience as a software architect
- Be excellent in interpersonal and collaboration skills
- Be able to present proposals to technical and business audiences
- Be able to operate at an intermediate level of written and spoken communication
- Be excellent in communication skills and empathy towards customers
- Have good understanding of applied cryptography
Benefits
Make a difference and get yourself noticed in a rapidly growing company, providing multiple opportunities for career and personal development. We are a dynamic, multi-cultural team of smart, motivated people based in brand new offices in the heart of Hong Kong’s Central business district. We’ll give you tough challenges, while offering rewarding results to match, as well as regular team and social events and flexible working arrangements when needed.
- Diverse and inclusive team: A diverse and international team who come from over 15 countries with diversity of both thought and background on a mission to disrupt the digital asset industry. We support each other and take pride in our achievements. We attract talent from well known global multinational companies and institutions.
- Ownership & learning-curve: Opportunity to make an active contribution to the growth story of one of the leading disruptors in the FinTech industry.
- Communication: We treat our staff like owners by being open, transparent, and providing regular communication about our direction and progress. We provide regular insight into decision making, strategy, and corporate-wide objectives and key results progress so that each of our employees is aligned and empowered. And we constantly strive to improve how we can communicate more effectively.
- Office: We offer both the flexibility to work remotely or to work in style and comfort from our modern office in Central, Hong Kong, the heart of the Asian financial services centre.
Tags: Ansible Application security Blockchain CI/CD CISM CISSP Cloud Cryptography DAST DevSecOps Docker FinTech GWAPT ISACA Node.js OWASP Python Rust SANS SAST SecOps SonarQube Strategy Terraform TypeScript Vulnerability management
Perks/benefits: Career development Flex hours Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs