Senior Security Engineer

Our story: Blackpanda Group is Asia's leading local cyber incident response firm, dedicated to delivering world-class digital emergency response services to businesses in the region.We help businesses strengthen their cyber resilience and secure their digital operations by supporting them with incident response delivered by local experts and cyber insurance underwritten by our Lloyd’s of London coverholder Pandamatics Underwriting.Our mission is to make cyber resilience achievable for all, with services and solutions designed for the Asian market. Our Mission:  To democratise cyber resilience. Our Vision:  A world where organisations of all sizes have access to best-in-class cyber incident response and insurance solutions, so they can conduct business securely and sustainably. What are we looking for: Technology is at the heart of what Blackpanda does, and is looking for a seasoned security engineer who thrives on daily hands-on projects, while excited by the opportunity to grow into leading a tight-knit, diverse security engineering team, building class-leading architecture and security products.Blackpanda is at an exciting stage, envisioning what cyber risk protection can look like in the APAC region, and you will be building that future. This role suits someone who is excited by the prospect of building security products from the ground up with the most appropriate technologies available today. You will have extensive experience in modern security engineering, preferably currently working at a security product-focused company. Initially you will be developing forward-thinking solutions to protect against external threats to a company’s digital assets. You will be leading attack-surface technology with the goal of providing real time, continuous insights for a given SME in APAC as to their security posture and likelihood of threats. You will be expected to be able to synthesise our security product and business problems into an engineered solution using the most appropriate language, modules, and tooling. Blackpanda is building a cross-functional engineering team where all members should be excited by the prospect of solving problems first through planning and dialogue, and only after this moving to code and infrastructure set up. Responsibilities and duties: Identifying and responding to emerging security threats quickly and effectively is a priority for all businesses, but conflicting priorities, tools that produce too much noise, or insufficient resources can often slow security teams down. You will be developing the future of how companies of all sizes (and especially SMEs in APAC) are able to identify and respond to potential threats before they develop into fully-fledged attacks and breaches.You will be curating a significant number of data sources via modules, and turning these into proactive alerting of potential critical and high-risk issues. Leveraging our in-house security team, you will collaborate with some of the most experienced incident responders in the field to develop real-time analysis of potential threats and make them understandable for non-technical business owners and employees.

Qualifications and experience:

At least 5 years working as part of a security team and/or security product team as an engineer, shipping production-ready code and solutions. Natural curiosity and you thrive on learning new things Value balance in your life and know when to call it a day so that you come back fresh the next morning with class-leading solutions. We do not promote sloppy code and as such, we guard against overworked, tired developers, but you must also be good at managing your own time to achieve this. Passion for efficiency and collaboration, with a history of establishing great relationships with your engineering peers. Prioritise test-driven, elegant solutions that are maintainable, aided by appropriate terse or detailed documentation, whichever makes the most sense per case. Significant experience with open source modules in the security field and how to incorporate them achieving the best value for the problem at hand. You understand that there are significant costs associated with compute and storage on an ongoing basis of modern security engineering, and understand how to help keep these manageable with the help of your team. Comfortable presenting to a group over video calls periodically, describing how a solution was arrived at, and how it works in layman terms. Business fluent written and verbal communication skills in English. Conversational fluency and higher in any Asian language is a plus but not required

Technical qualifications and experience:

At least 5 years working in a professional capacity as a security engineer, ideally with a product focus. This time should not include any years of study, or pure ‘hobby project’ time. You have led the development of, or significantly contributed to security products / tools that are used daily either by customers or internal teams and form a critical function of the organization / primary revenue stream. Extremely proficient in Python. Additional experience and proficiency in Node / Javascript is welcomed. (Optional) Familiar with at least one containerised deployment platform, such as Google Cloud Run, Amazon ECS, Azure and / or directly with K8s. Experience using and maintaining CI/CD pipeline infrastructure. Minimal-maintenance such as Github actions experience is a plus. Bachelor’s degree in a related field and / or a clear history of engineering in a team-based, professional capacity for the stated experience years (5+)

What we offer:

40 days paid leave per year to also be used in lieu of all gazetted Singapore holidays at user choice. This is due to the global arrangement of personnel with different public holidays and the requirement of the company to be on stand-by as a crisis response unit 24/7/365. Level 3 ‘Work-From-Anywhere’ arrangement as per company policy, which is currently 20 days per quarter. This is always subject to client requirements and approvals from Supervisor as business dictates. Work-life balance - no scheduled internal meetings on Fridays, unless absolutely necessary. Enrolment in the company corporate health plan (where available) or USD$100 per month allowance. Opportunities for travel, team onsite meet-up, and training opportunities. HK$864,000 - HK$864,000 a year Equity:  ESOP baseline award proportional to the annual compensation for a total of 24,895 options with a strike price set at current Fair Market Value, with a 5-year vesting period inclusive of a 1-year cliff.Candidates who successfully pass the Interview stage will be required to complete a Case Study, used to evaluate their technical knowledge and application of their skills in practical scenarios relevant to the role.Blackpanda is committed to building a culturally diverse company, and we value a broad set of opinions in our team. As we grow, we are looking to build a team with a range of viewpoints at its core, and we encourage applications from minority candidates and all genders however you identify (X/F/M).Blackpanda does not accept unsolicited resumes from recruitment agencies. We will not be responsible for any fees related to unsolicited candidates submitted by recruiters with whom we have not established explicit, written agreements for our job vacancies. By submitting any candidate information, recruiters agree to forfeit any claim to fees should their candidate be hired without an established agreement with Blackpanda.

---