Tech brand logos
Jobstache logoJobstache logo
CoverGo's logo

Security Engineer (SecOps, SIEM and/or Application Security)

CoverGo

Top 3 Reasons To Join Us

  • Competitive Salary

  • 100% Remote

  • Working on the latest tech for the Insurtech Market Leader

About Us

At CoverGo, our mission is to help insurance companies and banks to make insurance 100% digital, to better serve their customers.

  • We are the leading provider of cutting-edge technology to the insurance industry

  • We’re also the winner of the insurtech of the year in all of Asia in 2021 and other awards globally

  • We work with enterprise clients such as AXA, MSIG, DBS, Fubon, Bank of China Group Insurance, and many more

  • We're an international, diverse team with over 20 nationalities and team members working remotely from all over the world

  • We are fully funded and backed by reputable VC funds and strategic institutional investors

  • We have offices in Singapore, Hong Kong, and Vietnam. We plan to expand to the US and other markets in the upcoming months

  • We’ve grown our annualized revenue by over 2000% since January 2021

  • We’re constantly working towards making CoverGo a workplace that you love coming to. We deeply believe that bringing together a diversity of thoughts, expressions, and perspectives is key to building the best culture for equally diverse communities all over the world

About the Role

We are looking for a talented and motivated Security Engineer to help us take CoverGo´s security to the next level. This role is perfect for you if you like to solve wide variety of complex security challenges and want to focus on actual engineering work.

What You Will Do

You will join our small but growing security team, reporting directly to the Head of Security. Your tasks will be determined by your previous experience, skill set, and career ambitions. Your primary focus will be on Security Operations and Application Security. However, depending on the needs of the organization, we expect you to do more and become involved in other security domains as well.

This role has no personnel responsibilities and is primarily focused on solving technical challenges. We work in agile environments, with a lightweight approach to organizing our work in a ticketing system, and your success will be determined by the concrete output you deliver to the organization. You will have complete autonomy and will be able to choose your toolchain, working hours, and method of problem-solving as long as you deliver the desired result.

A typical day in this role consists of the following activities: agile team ceremony, configuring security tools, reacting to alerts and notifications from said tools, incident management forensics, code review, providing architectural advice to engineering teams, and vulnerability analysis.

What We Need

At least 3 years of relevant experience in technical security engineering. (Required)

Technical Skills:

  • Hands-on experience in at least 2 of the following 4 security domains:

    1. End-to-end introduction of a SIEM in a cloud-native organization (AWS, data ingestion of multiple security tools via API JSON, data normalization, alerting routines)

    2. Establishing a robust security incident management process (process design, training, shift system, on-call duty, forensics, post-mortems)

    3. Anchoring security in the software development lifecycle of an agile tech organization (application security requirements, SAST, DAST, vulnerability management, CI/CD security, training)

    4. Hardening APIs for security while maintaining full business functionality (vulnerability testing, API security requirements, API security benchmarking)

  • Ability to confidently read and write at least one high-level programming language, preferably JavaScript; a prior experience in software development is a highly-valued differentiator for this role

Soft Skills:

  • Self-starter and solution-driven, you actively solve problems, not create more or just shift them elsewhere

  • Ability to obtain organizational buy-in and to explain security concepts to both engineers and business people

  • You apply context-driven security that materially improves the company security posture, you do not blindly enforce checklists or standards for the sake of compliance

  • Excellent English skills, written and spoken

  • Extremely self-organized and prior experience with working in fully remote teams

Why You'll Love Working Here

  • Full-remote employment, work from anywhere and/or from one of our physical offices in Vietnam, Singapore or Hong Kong occasionally

  • Local time zone office hours, work by your schedule

  • Paid annual leaves

  • Employee stock options

  • Performance bonus

  • Performance review 2x a year

  • Company activities team offsites to exotic locations

  • Training and development plan

Covergo Company Video

Apply now
Apply now
Poland
Undisclosed
Timezones (UTC)
+1
Tags
Security Engineer
Software Engineer
Information Security Developer
Jobstache logoJobstache logo
Created by @marcelcruz