Job Description

Our client is the Southeast Asia’s largest integrated car e-commerce platform, offering end-to-end solutions for buying, selling, financing, and owning used cars.

They are looking for a Senior Security Engineer who is a hands-on technical expert responsible for the implementation, automation, and maintenance of the group’s security infrastructure. This role is critical in securing the group’s cloud-native environments, with a strong focus on GCP/AWS, CI/CD pipeline hardening, DevSecOps practices, and SOAR playbook integration. 

Working closely with Engineering, DevOps, and Product teams, this position ensures that security is embedded across cloud workloads, applications, and infrastructure in alignment with the Cybersecurity Strategy 2025 and ISO 27001 controls.

Cloud Security Implementation

• Lead the implementation of cloud-native security tooling on GCP and AWS.
• Secure cloud workloads using Google Security Command Center Enterprise (SCCE) and Google Cloud Armor.
• Define and enforce security governance policies across SaaS, PaaS, and IaaS environments.

DevSecOps & Automation

• Integrate SAST, DAST, and SCA security testing tools into CI/CD pipelines.
• Automate vulnerability management and patching via Infrastructure-as-Code (IaC) tools (e.g., Terraform).
• Implement IAM role-based security controls and enforce least-privilege principles in DevOps workflows.

Cloud Infrastructure & Network Security

• Provide technical input and security hardening support for the Secure Access Service Edge (SASE) architecture implemented by vendors.
• Review vendor and cloud configurations to validate security posture and compliance with CARSOME standards.
• Enforce secure configurations across firewalls, access points, and cloud gateways.

Security Operations Support

• Provide engineering and automation support for threat detection, system hardening, log telemetry, and policy enforcement.
• Integrate SOAR tools and develop automated playbooks for rapid incident response.
• Collaborate with MSOC and DFIR vendors to triage alerts and support audit control defense.
• Support digital forensic investigations and threat-hunting activities.

Collaboration & Documentation

• Partner with Engineering and DevOps teams to embed security into the software development life cycle.
• Maintain up-to-date documentation for security tools, playbooks, and infrastructure.
• Participate in security review meetings and provide technical insights on risk mitigation.

Job Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
• Minimum of 5 years of hands-on experience in cybersecurity, preferably in fully cloud-native environments.
• Proven expertise in GCP/AWS security, DevSecOps, and Infrastructure-as-Code (e.g., Terraform, GitOps).
• Experience implementing and managing SOAR platforms and automated playbooks (e.g., Cortex XSOAR, Splunk SOAR, Google SecOps SOAR).
• In-depth knowledge of cloud security principles, threat detection, and vulnerability management using platforms such as Prisma Cloud, CrowdStrike, or SentinelOne.
• Strong understanding of integrating security into CI/CD pipelines using tools such as GitLab, Jenkins, or GitHub Actions.
• Familiarity with ISO 27001, SOX, and other regulatory standards relevant to cloud-native security.
• Demonstrated practical delivery experience in infrastructure hardening, threat mitigation, or audit remediation.

Skills