CyberSecurity Engineer

BJAK is Southeast Asia’s largest digital insurance platform with millions of users across Malaysia, Thailand, Taiwan, and Japan. We are hiring a Cybersecurity Engineer to safeguard and strengthen our core technology — spanning infrastructure, cloud, applications, and devices.

This is a high-responsibility role reporting directly to senior management. It’s ideal for someone who thrives in fast-paced, high-stakes environments, takes full ownership, and can act decisively under pressure. If you’re looking for predictability and step-by-step instructions, this isn’t for you. But if you want to directly protect millions of users with speed, autonomy, and impact, BJAK is the right place for you.

• Lead end-to-end cybersecurity across infrastructure, cloud, endpoints, and applications
• Monitor SOC alerts, perform threat intelligence analysis, and manage incident response
• Implement and manage EDRs, firewalls, antivirus, IDS/IPS, and other security platforms
• Conduct vulnerability assessments and penetration tests, and implement proactive fixes
• Drive DevSecOps practices across the software development lifecycle
• Secure cloud infrastructure (GCP, AWS, Azure), including IAM, encryption, and audit logging
• Lead security audits and support compliance (ISO 27001, NIST, or equivalent frameworks)
• Collaborate with DevOps, Compliance, Legal, and Product teams to embed security culture
• Deliver employee training and run real-world attack simulations
• Own the security risk register and continuously improve controls
• Liaise with auditors, regulators, and third-party vendors

• Bachelor’s degree in Computer Science, Cybersecurity, or related field
• 3+ years’ hands-on experience in cybersecurity or information security
• Strong knowledge of EDR, firewalls, SIEM, IDS/IPS, antivirus, and related tools
• Proven track record in incident handling and root cause analysis
• Cloud security experience (GCP, AWS, Azure), with knowledge of IAM and encryption
• Familiarity with compliance frameworks (ISO 27001, NIST, HIPAA, local laws)
• Solid understanding of DevSecOps and CI/CD security
• Clear communication and effective escalation skills
• Immediate availability is highly preferred

• Certifications: CISSP, CEH, OSCP, or similar
• Experience in fintech, banking, or other regulated/high-risk environments
• Exposure to auditors, regulators, or compliance committees
• Ethical hacking, red teaming, or adversary simulation experience
• Scripting/automation skills for security operations at scale

• Competitive salary and performance-based bonuses
• Hybrid working model with high autonomy and trust
• Direct access to senior leadership and visibility on strategic matters
• High-impact role with ownership from day one
• Opportunity to shape BJAK’s security architecture from the ground up
• Fast-tracked career growth in a mission-driven fintech company