Lead Security Engineer, SecOps

Security Operations & Offensive Security Lead

In line with our expansion, we are looking for a seasoned Security Operations & Offensive Security Lead to manage and strengthen both our defensive (Incident Response, Monitoring) and offensive (Red team, Pentest) security capabilities.

What you'll be doing:

• Leadership & team management

  • Lead and mentor 2 sub-teams (defensive & offensive team).
  • Oversee hiring, training, performance evaluations, career development and resource planning.
  • Establish a strong operational discipline and technical excellence in both teams.
  • Develop and track Goals/ SLAs related to both teams.
  • Engage with other stakeholders on audit engagements and product development.

• Defensive oversight

  • Oversee daily security operations including monitoring, alert triage and detection tuning.
  • Ensure SIEM, SOAR, EDR and monitoring coverage are properly maintained.
  • Serve as overall incident commander for security incidents.
  • Coordinate cross-functional response with other internal and external stakeholders.
  • Review incident reports and ensure agreed remediation is implemented properly.
  • Oversee the full vulnerability lifecycle.

• Offensive Security Management

  • Lead and supervise the Red team.
  • Define the annual offensive testing strategy based on risk, threat landscape and compliance needs.
  • Translate offensive observations into defensive improvements.

What we're looking for:

• 5+ years of working experience in related work roles mentioned above.
• Degree in Computer Science, Information Systems, Engineering or equivalent.
• Understanding and/or experience working in a Cryptocurrency/Blockchain/Fintech/Finance Trading domain.
• Ability to translate technical security issues into clear actions for executives and engineers.
• Excellent communication, presentation and planning skills.
• Fluent written and spoken English.
• Nice to have:
  • Prior experience in a crypto exchange, blockchain company, or high-risk trading platform.
  • Relevant certifications: leadership (CISSP, CISM, etc), offensive (OSCP, OSWE, etc), defensive (GSOM, GCIH, etc) and cloud security (CCSP, AWS).

What’s in it for you:

• MacBook or high-end laptop for working.
• Full coverage of social insurance.
• Premium health care for you and your family members.
• Full 100% salary during probationary period.
• Working in a professional, friendly, well-equipped workspace with both foreigners and Vietnamese.
• Extensive on job training; will always have chances to work with new emerging technologies.
• Friendly and fun start-up work culture.

Find out more about Coinhako here: https://www.coinhako.com/ and don't forget to visit our Careers Page: https://www.coinhako.com/join-us

By submitting your application to us, you consent to the collection, use, disclosure and processing of your personal data in accordance with our privacy policy, which is accessible at: https://www.coinhako.com/legal/sg-1/privacy_policy.

When applying, mention the word CANDYSHOP to show you read the job post completely.