Lead, Security Engineering

Hong Kong, Hong Kong Island, Hong Kong

Hex Trust

Access custody, DeFi, brokerage, and financing services built on regulated infrastructure with Hex Trust, fully-licensed and insured digital asset custodian in Asia.

View all jobs at Hex Trust

Hex Trust is a fully-licensed and insured digital asset custodian. Led by veteran banking technologists and award-winning financial services experts, Hex Trust has built Hex Safe, a proprietary bank-grade platform that delivers solutions for digital asset protocols, foundations, financial institutions, and the Web3 ecosystem. Hex Trust has offices in Singapore, Hong Kong, Dubai, Italy, and Vietnam.

Position Summary

Hex Trust Information Security Team is looking for a highly skilled and motivated Lead, Security Engineering to lead the Security Team's engineering and operations, ensure the right talent is in place, coach and mentor team members. Collaboration with other teams is essential to align and achieve security objectives. You are expected to have deep hands-on experience with least some security domains, such as Cloud Security, Security Engineering, Infrastructure Security, Zero Trust architecture, Security Operations, On-premise Security, and Crypto Wallet Security with strong application background. 

Responsibilities

  • Establish Threat modeling in the company, and propose and implement mitigation strategies
  • Plan, implement and operate our security solution stack together with the rest of the team (CSPM, CWPP, PAM, SIEM, EDR,  WAF, DLP, Vulnerability management tool )
  • Assess current cybersecurity processes and propose improvements on the processes and P&P in order to have the highest overall cybersecurity standards against both external and internal hacks, fraud, or theft.
  • Manage and perform a variety of technical assessments including penetration tests source code reviews, security posture reviews, purple teaming etc.
  • Take charge of security incident management and provide oversight of follow-up and remediation actions as identified. Liaise between key stakeholders, managers, IT professionals and other Cyber Security staff within the team.
  • Manage our security vendors and partners

Requirements

  • Experience working in DevOps / DevSecOps teams, understanding and working knowledge of tooling used by these teams (Terraform, CI/CD pipelines)
  • Experience with PAM, IAM applications, knowledge of OpenID, OAuth2, PKI
  • Experience with SaaS security tooling (CDNs, ng-WAFs, etc.)
  • Experience working in Cloud Native environment (AWS, GCP)
  • Experience with network security infrastructure (Web content filtering, Firewall, IDS and DLP controls)
  • Advanced security knowledge of Cloud Native stack (Kubernetes, Containers, AWS, GCP)
  • Scripting and automation experience (Python, TypeScript, Bash, etc.)
  • Application Penetration Testing, Application Security Reviews, Purple-teaming
  • Incident Response management and investigations
  • Operational familiarity with key management and HSM systems
  • At least 5 years of experience in some of the above security domains 
  • At least 10 years of experience in the industry and at least 2 years of team management experience
  • Cloud certifications, CISSP, OSCP, OSEP, CRTP, CRTE will be a plus
  • Ability to influence others and work towards a common vision or goal
  • You know what high quality secure environment looks like
  • You know what it takes to run motivated team of professionals
  • You are passionate about security and building top notch security teams
  • You are interested in Blockchain and Crypto Currencies
  • You are great communicator, able to explain complex security concepts, engage with engineers and business people alike

*We understand you may not check all the boxes, but would still like to hear from you on how you think you can contribute. 

Benefits

As one of the leading Web3 innovators, Hex Trust offers a front-row seat in the ever-changing blockchain & crypto industry. We genuinely believe that people are our greatest asset, and invest heavily so they’re best prepared to support our mission to unlock ownership in decentralized markets! You will be joining a company that is always committed to creating a supportive & inclusive environment that promotes personal and professional growth that furthers your success and drives innovation, collaboration, and passion in the blockchain space.

At Hex Trust, we are proud of our R.A.P.I.D. culture:

  • Respect and Inclusion
  • Agile
  • Passionate
  • Indivisible
  • Driven by integrity

Join us at Hex Trust and not only can you look forward to working with blockchain professionals to build the decentralized future, but also:

  • Competitive Salaries & Bonuses
  • Generous Amounts of Paid Time Off (incl. leave for Birthdays, Work Anniversary, and Mental Health etc.)
  • Flexible Work Arrangements
  • Access to Corporate Discounts and exclusive Employer Perks
  • Medical & Retirement Plans
  • Professional Learning and Development Opportunities
  • Elevate your work using cutting-edge technology
  • Fun & friendly office spaces in Hong Kong, Singapore, Dubai and Vietnam
  • Regular company & social events


Hex Trust is an equal-opportunity employer devoted to diversity and inclusion in the workplace. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  14  0  0

Tags: Application security Automation AWS Banking Bash Blockchain CI/CD CISSP Cloud Crypto CSPM DevOps DevSecOps EDR Firewalls GCP IAM IDS Incident response Kubernetes Network security OpenID OSCP Pentesting PKI Python SaaS Scripting SIEM Terraform TypeScript Vulnerability management Zero Trust

Perks/benefits: Career development Flex hours Flex vacation Health care Medical leave Startup environment Team events

Region: Asia/Pacific
Country: Hong Kong

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.