Technical Lead, Group Infosecurity

Ninja Van is a late-stage logtech startup that is disrupting a massive industry with innovation and cutting edge technology. Launched 2014 in Singapore, we have grown rapidly to become one of Southeast Asia's largest and fastest-growing express logistics companies. Since our inception, we’ve delivered to 100 million different customers across the region with added predictability, flexibility and convenience. Join us in our mission to connect shippers and shoppers across Southeast Asia to a world of new possibilities. 
More about us: - We process 250 million API requests and 3TB of data every day.- We deliver more than 1.5 million parcels every day.- 100% network coverage with 1000+ hubs and stations in 6 SEA markets (Singapore, Malaysia, Indonesia, Thailand, Vietnam and Philippines), reaching 500 million consumers.- 600,000 active shippers in all e-commerce segments, from the largest marketplaces to the individual social commerce sellers.- Raised US$400 million over four rounds.
We are looking for world-class talent to join our crack team of engineers, product managers and designers. We want people who are passionate about creating software that makes a difference to the world. We like people who are brimming with ideas and who take initiative rather than wait to be told what to do. We prize team-first mentality, personal responsibility and tenacity to solve hard problems and meet deadlines. As part of a small and lean team, you will have a very direct impact on the success of the company.

Role and Responsibilities

• Define and manage drafting technical baseline and standards for IT infrastructure (end points and cloud based solution)Create and implement Technical baselines
• Define and manage Red Teaming – Blue teaming exercise (ethical hacking) Assist and manage security maturity assessments across the organization
• Design and manage penetration testing programs for the organization.
• Rollout endpoint security solutions across the organization Subject matter expert on endpoint security 
• Actively engage with business stakeholders, designing and implementing an on-going Information
• Security training and awareness programme for different levels of personnel. 
• Support development of information security strategy and rollout of the strategy
• Capable of managing projects
• Strong knowledge of understanding of business and security requirements and translating the requirements into effective and efficient policies and processes.

Qualifications/Experience

• STEM (science, technology, engineering and mathematics) degree
• At least 6-8 years of experience in consulting and professional services
• Experience in running vulnerability management program for global organizations
• CISSP is preferred
• Deep technical understanding of security solutions such as SIEM, Qualys, Nessus, EDR solutions, etc
• Experience as a pen tester and red team tester
• Experience in maturity assessments such as data protection, controls assessments, etc

Knowledge and Skills

• Experience in vulnerability management tools like Qualys, Nessus etc.
• Knowledge of cloud security
• Knowledge of scripting languages Python etc. 
• High degree of attention to detail and discipline in tracking and managing the closure of identified vulnerabilities and issues.
• Effective influencing and negotiating skills and demonstrated sensitivity to working and interacting with senior stakeholders
• Ability to work independently 

Tech Stack:
Backend: Play (Java 8+), Golang, Node.jsFrontend: AngularJS, ReactJSMobile: Android, Flutter, React NativeCache: Hazelcast, RedisData storage: MySQL, TiDB, Elasticsearch, Delta LakeInfrastructure monitoring: Prometheus, GrafanaOrchestrator: KubernetesContainerization: Docker, ContainerdCloud Provider: GCP, AWSData pipelines: Apache Kafka, Spark Streaming, MaxwellWorkflow manager: Apache AirflowQuery engines: Apache Spark, Trino
Submit a job applicationBy applying to the job, you acknowledge that you have read, understood and agreed to our Privacy Policy Notice (the “Notice”) and consent to the collection, use and/or disclosure of your personal data by Ninja Logistics Pte Ltd (the “Company”) for the purposes set out in the Notice. In the event that your job application or personal data was received from any third party pursuant to the purposes set out in the Notice, you warrant that such third party has been duly authorised by you to disclose your personal data to us for the purposes set out in the the Notice.