Graduate Hire 2024/25 - Security Engineer (Technology Governance, Certification & Audit)
Singapore, Singapore
OKX
Buy BTC, ETH, XRP and more on OKX, a leading crypto exchange – explore Web3, invest in DeFi and NFTs. Register now and experience the future of finance.- Organising, coordinating and facilitating audits by working with the auditors and obtaining evidence for audit requests.Handling due diligence requests and questionnaires received from regulators and other third parties.
- Supporting business units in developing and maintaining relevant technology related documentation to support local licensing application and maintenance.
- Identifying technology, security and compliance control gaps and coordinating with stakeholders to resolve the gaps. Communicate and bridge the gap between external regulatory or audit requirements and internal stakeholder operations.
- Designing security and compliance controls to meet the requirements of best practices in application security, infrastructure security as well as regulatory compliance, and to coordinate with engineers to implement them.
- Conducting security and control gap assessments, risk assessments and audits.
- Developing and maintaining high-quality technical, security and organizational documentation, including policies, standard operating procedures, standards and guidelines.
- Upholding security and technology best practices. Improving efficiency in cross-office/time zone collaboration.
- Collaborate with team members and functional stakeholders to meet control requirements to demonstrate organizational security compliance.
What We Look For In You
- Bachelors in Computer Science, Information Systems, Technology, Engineering, or related technical disciplines.
- Solid knowledge of information security principles, control design, and implementation.
- Holistic risk assessment skills to break down complex infrastructural and procedural issues to its basic principles for effective and controllable solutions.
- Compliance first mindset. Ability to lead by example for internal and external stakeholders. Highlight organizational best practices and embrace our We Before Me principle.
- Analytical with a positive problem-solving mindset, a proactive team player who embodies a growth mindset, flexible, and comfortable in navigating ambiguity with a global mindset. Able to manage multiple concurrent projects of different workloads, timelines and deadlines. Eager to develop in an organization with rapidly maturing technology and security posture.
- Knowledgeable in the relevant tech stack skillset for the respective specialization - relational databases, OS, networking, encryption and cryptography, identity and access management, change management / SDLC, cloud service architecture.
- Familiarity with the cloud-based Linux environment. Knowledgeable in distributed architecture. Understanding of Kubernetes or container orchestration architecture.
- Familiarity with Java/Python/Go, and with daily developing tools such as npm, gulp, web-pack, git.
- Alibaba Cloud and AWS knowledge and certifications are a strong plus.
- Familiarity with information security risk management and compliance frameworks and reporting standards (i.e. ISO 27001, NIST CSF, SOC 2 Common Criteria, CSA STAR) is a strong plus.
- Familiarity with security and IT risk certifications from recognized bodies such as ISACA, ISC2, CompTIA, CSA (e.g.: CISA, CISSP, CCSP, CCSK).
- Proficiency in speaking, reading and writing in both English and Mandarin to collaborate effectively with global and cross-functional team members.
Perks & Benefits
- Competitive total compensation package
- L&D programs and Education subsidy for employees' growth and development
- Various team building programs and company events
- Wellness and meal allowances
- Comprehensive healthcare schemes for employees and dependants
- More that we love to tell you along the process!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits AWS Blockchain CCSK CCSP CISA CISSP Cloud Compliance CompTIA Computer Science Crypto Cryptography Encryption Finance Governance IAM ISACA ISO 27001 Java Kubernetes Linux NIST Python RDBMS Risk assessment Risk management SDLC SOC SOC 2
Perks/benefits: Career development Competitive pay Flex hours Startup environment Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.