Position Overview
We are looking for a Cybersecurity Specialist who will take ownership of our company's information security from the ground up.
This is a solo role, ideal for a hands-on and independent professional who enjoys building security foundations, implementing practical controls, and driving cybersecurity awareness across the organization.
You will work closely with our engineering and operations teams to ensure our systems, infrastructure, and data are secure — balancing real-world risk with business needs.
Key Responsibilities
Strategy & Governance
- Develop and implement baseline security policies, standards, and procedures.
- Conduct risk assessments and recommend practical mitigation strategies.
- Manage compliance requirements (ISO 27001, SOC 2, PDPA, etc.) with external auditors or partners.
- Define incident response processes and coordinate investigations when needed.
Operations
- Monitor security alerts, logs, and threat intelligence.
- Manage endpoint protection, access control, and patch management.
- Coordinate regular vulnerability scans and penetration tests (internal or outsourced).
- Handle security reviews for new tools, vendors, and projects.
Culture & Awareness
- Lead security awareness initiatives for all employees.
- Collaborate with HR and IT to improve onboarding/offboarding security.
- Promote a culture of "security by design" across the company.
Requirements
- 5+ years of experience in Information/Cyber Security, preferably in fintech, SaaS, or tech environments.
- Strong knowledge of cloud, network, and application security.
- Familiar with compliance frameworks (ISO 27001, SOC 2, PCI DSS, PDPA).
- Skilled in incident response, vulnerability management, and security operations.
- Excellent communication, ownership, and problem-solving skills.
- Relevant certifications (CISSP, CISM, CEH, or Security+) are a plus.
Job Type: Full-time