Security Engineer (SecOps, SIEM and/or Application Security)
Top 3 Reasons To Join Us
Working on the latest tech for the Insurtech Market Leader
At CoverGo, our mission is to help insurance companies and banks to make insurance 100% digital, to better serve their customers.
We are the leading provider of cutting-edge technology to the insurance industry
We’re also the winner of the insurtech of the year in all of Asia in 2021 and other awards globally
We work with enterprise clients such as AXA, MSIG, DBS, Fubon, Bank of China Group Insurance, and many more
We're an international, diverse team with over 20 nationalities and team members working remotely from all over the world
We are fully funded and backed by reputable VC funds and strategic institutional investors
We have offices in Singapore, Hong Kong, and Vietnam. We plan to expand to the US and other markets in the upcoming months
We’ve grown our annualized revenue by over 2000% since January 2021
We’re constantly working towards making CoverGo a workplace that you love coming to. We deeply believe that bringing together a diversity of thoughts, expressions, and perspectives is key to building the best culture for equally diverse communities all over the world
About the Role
We are looking for a talented and motivated Security Engineer to help us take CoverGo´s security to the next level. This role is perfect for you if you like to solve wide variety of complex security challenges and want to focus on actual engineering work.
What You Will Do
You will join our small but growing security team, reporting directly to the Head of Security. Your tasks will be determined by your previous experience, skill set, and career ambitions. Your primary focus will be on Security Operations and Application Security. However, depending on the needs of the organization, we expect you to do more and become involved in other security domains as well.
This role has no personnel responsibilities and is primarily focused on solving technical challenges. We work in agile environments, with a lightweight approach to organizing our work in a ticketing system, and your success will be determined by the concrete output you deliver to the organization. You will have complete autonomy and will be able to choose your toolchain, working hours, and method of problem-solving as long as you deliver the desired result.
A typical day in this role consists of the following activities: agile team ceremony, configuring security tools, reacting to alerts and notifications from said tools, incident management forensics, code review, providing architectural advice to engineering teams, and vulnerability analysis.
What We Need
At least 3 years of relevant experience in technical security engineering. (Required)
Hands-on experience in at least 2 of the following 4 security domains:
End-to-end introduction of a SIEM in a cloud-native organization (AWS, data ingestion of multiple security tools via API JSON, data normalization, alerting routines)
Establishing a robust security incident management process (process design, training, shift system, on-call duty, forensics, post-mortems)
Anchoring security in the software development lifecycle of an agile tech organization (application security requirements, SAST, DAST, vulnerability management, CI/CD security, training)
Hardening APIs for security while maintaining full business functionality (vulnerability testing, API security requirements, API security benchmarking)
Self-starter and solution-driven, you actively solve problems, not create more or just shift them elsewhere
Ability to obtain organizational buy-in and to explain security concepts to both engineers and business people
You apply context-driven security that materially improves the company security posture, you do not blindly enforce checklists or standards for the sake of compliance
Excellent English skills, written and spoken
Extremely self-organized and prior experience with working in fully remote teams
Why You'll Love Working Here
Full-remote employment, work from anywhere and/or from one of our physical offices in Vietnam, Singapore or Hong Kong occasionally
Local time zone office hours, work by your schedule
Paid annual leaves
Employee stock options
Performance review 2x a year
Company activities team offsites to exotic locations
Training and development plan
Covergo Company Video