Cybersecurity Senior Engineer

Mindvalley is entering a new era of AI‑powered, community‑driven, and globally distributed digital experiences. As our Cybersecurity Senior Engineer, you will be the hands‑on expert safeguarding this transformation. Leading the technical execution of our security program across cloud, SaaS, and data platforms.

• Lead design, deployment, and tuning of Mindvalley’s cybersecurity tooling (SIEM, CSPM, vulnerability scanners, endpoint detection, and SaaS monitoring).
• Manage and optimize GCP Security Command Center, Google Workspace, Okta/Auth0, and integrations across the SaaS ecosystem.
• Automate detection and response using scripting/automation tools.
• Operate the full lifecycle of vulnerability management: discovery, triage, remediation, validation, and metrics reporting.
• Perform targeted penetration tests and purple‑team simulations against high‑value assets.
• Correlate findings across multiple tools and automate risk reporting dashboards.
• Continuously harden GCP configurations, GWS configurations, and CI/CD pipelines.
• Build secure defaults and reusable controls for engineering teams (API auth patterns, secret management, encryption policies).
• Partner with product and AI innovation teams to embed secure development practices and data protection into new services.
• Administer and optimize Okta/Auth0, ensuring robust identity governance, adaptive MFA, and automation of joiner–mover–leaver workflows.
• Review and harden access policies across Google Workspace, GitHub, Slack, and internal apps.
• Design alert enrichment, automated ticket creation, and response playbooks.
• Act as incident commander for security incidents, coordinating detection, containment, and recovery.
• Maintain runbooks, logging pipelines, and retrospectives that feed back into continuous improvement.
• Support audits, vendor security assessments, and risk management processes.
• Maintain key security KPIs and dashboards for leadership reporting.

• 5–8 years of progressive experience in cybersecurity engineering or operations, preferably in cloud‑native or SaaS‑heavy environments.
• Hands‑on mastery of GCP (Security Command Center, IAM, VPC, KMS, Cloud Armor) and Google Workspace security administration.
• Strong scripting/automation experience.
• Deep understanding of vulnerability management, network, application security, and modern attack techniques.
• Solid grasp of authentication, identity federation, and SSO (Okta/Auth0).
• Proven track record of operating autonomously and driving cross‑functional remediation with engineering/IT teams.
• Familiarity with ISO 27001, NIST CSF, and GDPR control frameworks (preferred).
• Security certifications such as GCP Professional Security Engineer, OSCP, or CISSP (preferred).
• Prior experience integrating automation tools to reduce manual workload (preferred).

Mindvalley is building the future of human transformation and as Cybersecurity Senior Engineer, you’ll be the guardian and architect of its trust layer. You’ll have the autonomy to shape security engineering across one of Southeast Asia’s most dynamic digital ecosystems while growing your expertise in automation, AI security, and global‑scale SaaS defense.

• An office voted one of the top ten coolest offices in the world in an Inc Magazine audience poll.
• Company is a 6‑times winner of the World’s Most Democratic Workplace Award.
• Work on a team launching some of the most innovative and highest grossing apps on the iTunes store.
• 150‑seat auditorium hosting top tech meetups.
• Annual trip to a paradise island and flexible working hours.
• MacBook or PC laptop to take home.
• Competitive salary and various growth opportunities.

Mindvalley is an equal opportunity employer and does not discriminate on the basis of race, colour, religion, gender identity or expression, national origin, age, disability, marital status, sexual orientation, or any other legally protected status. We are committed to creating a diverse and inclusive workplace and encourage applications from all qualified individuals.