Lead Security Engineer
Central Singapore, Singapore
ABOUT HEX TRUST
Hex Trust is Asia’s leading provider of digital asset custody solutions for Banks & Financial Institutions, using leading-edge Blockchain technology. Led by innovators from the financial services industry, Hex Trust has built a proprietary platform that delivers a new way for financial institutions, asset managers, and corporations to safely and efficiently operate in the Blockchain ecosystem. Institutional adoption of digital assets and DeFi requires a fundamental shift in the way banks and financial institutions operate. Hex Trust is the link that connects the traditional financial world to the digital assets ecosystem.
We have a newly created position of Lead Security Engineer to help us grow our Information Security Team. You will be embedded into Hex Trust’s Developer environment, leading the DevSecOps efforts on our platforms. This role is technically hands-on and you, the applicant will need to bring your A game in deploying industry leading SecOps practices, frameworks, tool arsenal, and also be able to help design and architect solutions. The role, while highly technical, is a management position, you need to have experience in leading and managing successful teams. As you can see from our introduction, we are growing fast and attitude, passion and mission focus are just as important to us as your technical ability.
We expect that you are coming from a regulated or licenced environment, so you know how to build systems to conform to frameworks and guidelines such as OWASP, ISO, CIS and MITRE. You thrive in a CI/CD environment working with NodeJS, Typescript, Rust, Python languages and you have exposure or at least an understanding of the DeFi/Blockchain’s world.
DUTIES & RESPONSIBILITIES
- Lead application security reviews and threat modeling, including Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Runtime Application Self-Protection (RASP)
- Working with enterprise wide security architecture for on-prem and cloud-based application security solutions such as SonarQube, Acunetix, Snyk and proficiency Undertake Vulnerability Management (Code, Application, Platform and System) activities to help protect the enterprise.
- Experience in working with Container environments on Docker, Terraform, Nomad, Consul and Ansible. The applicant should possess one or more common languages NodeJS, Typescript, Rust, Python.
- Ability to articulate complex topics (written and verbal) to both a technical and non technical audience.
- A strong team leader and people manager capable of demonstrating solid work ethic and commitment to achieving team and organisation goals.
- University degree (Information Security)
- SANS Institute, ISC2 or ISACA certifications such as : CISSP, GPYC, GEVA, GWAPT CISM,CASE, CASS, CSSLP, GWEB, GCPN
- Have significant integration experience as a software architect
- Be excellent in interpersonal and collaboration skills
- Be able to present proposals to technical and business audiences
- Be able to operate at an intermediate level of written and spoken communication
- Be excellent in communication skills and empathy towards customers
- Have good understanding of applied cryptography
Make a difference and get yourself noticed in a rapidly growing company, providing multiple opportunities for career and personal development. We are a dynamic, multi-cultural team of smart, motivated people based in brand new offices in the heart of Hong Kong’s Central business district. We’ll give you tough challenges, while offering rewarding results to match, as well as regular team and social events and flexible working arrangements when needed.
- Diverse and inclusive team: A diverse and international team who come from over 15 countries with diversity of both thought and background on a mission to disrupt the digital asset industry. We support each other and take pride in our achievements. We attract talent from well known global multinational companies and institutions.
- Ownership & learning-curve: Opportunity to make an active contribution to the growth story of one of the leading disruptors in the FinTech industry.
- Communication: We treat our staff like owners by being open, transparent, and providing regular communication about our direction and progress. We provide regular insight into decision making, strategy, and corporate-wide objectives and key results progress so that each of our employees is aligned and empowered. And we constantly strive to improve how we can communicate more effectively.
- Office: We offer both the flexibility to work remotely or to work in style and comfort from our modern office in Central, Hong Kong, the heart of the Asian financial services centre.
Other jobs like this
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Staff Security Engineer jobs
- Open Head of Information Security jobs
- Open Lead Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Cloud Security Automation Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Cloud Security Operations Lead jobs
- Open Azure Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open CEH-related jobs
- Open Encryption-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Open Source-related jobs
- Open Threat detection-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open Machine Learning-related jobs
- Open DevSecOps-related jobs