Security engineer
Posted: Feb. 18, 2023, 8:21 a.m. - Full Time - GurgaonAbout Syfe
Syfe is a digital investment platform with a mission to empower people to grow their money confidently and choose the future they want to live in. Built on the pillars of advice, access, and innovation, we cater to the full spectrum of an individual's wealth needs across diversified proprietary portfolios, cash management solutions, and a state-of-the-art brokerage.
The Syfe team combines world-class financial expertise with best-in-class technology talent. Excellence in execution is in our DNA and we offer equity ownership to all employees regardless of seniority and designation.
We are regulated by the financial authorities across Singapore, Hong Kong, and Australia. In Singapore alone, where we are headquartered, over 100,000 investors trust Syfe to grow their wealth.
Since its founding, Syfe has raised the US $52.4 million from world-class investors. The company has won multiple awards including Wealth Management Fintech of the Year by the Asian Banking and Finance Awards 2022, as well as being recognized as one of the Top LinkedIn Startups in Singapore 2022.
Who are we:
While we are a diverse set of people, we value the following core traits:
Fast learning: We often require learning new tools and technologies. We believe in adopting them if they are particularly well suited for our problems, instead of limiting ourselves to what we already know. However, we are always short of time and therefore have to learn fast.
Versatility: While each one of us has a core skill, we possess at least one secondary skill as well. Apart from allowing the team to be fluid, it also helps us understand how all pieces (frontend, database, network, servers, etc.) fit together.
Madness about quality: Put together, individual lines of code should be robust, scalable, high-performance, fault-tolerant, and most importantly, beautiful software. We also stay up-to-date with the latest in the world of software to make ourselves better.
Passion: To try out new ideas and iterate on existing product features, and love experimenting with new technology if it's right for the job. Because not only do we ride the cutting edge, we make it happen.
Collaboration: We believe that engineering is a continuous process of learning and improvement and that the best way to learn is by getting help from your fellow engineers. Coding is more fun when you do it together and appreciate the feedback.
We are seeking a Backend Engineer to develop and own state-of-the-art products that help bring people closer to their financial goals. As we build and scale Syfe over the next few years, our product and engineering team is growing and it is the perfect time to join the team at an early stage and create an impact within and outside the organization.
Responsibilities:
Expertise in conducting Vulnerability Assessment and Penetration Testing on web applications, mobile applications (Android and iOS), and infrastructure.
Experience with Vulnerability Management, and adherence to ISMS policies and regulatory compliance standards.
Strong documentation skills, including the ability to document TTP (Techniques, Tactics, and Procedures) used during security assessments.
Hands-on experience with SAST, DAST, and open-source vulnerability management tools.
Ability to coordinate with various technology stakeholders to discuss identified vulnerabilities and assist the engineering team in planning for risk mitigation.
Active participation in planning and implementing new security benchmarks across the organization.
Experience conducting source code and architecture reviews in coordination with the Software Development team to identify vulnerabilities.
Strong communication skills and the ability to clearly communicate technical ideas to both technical and non-technical stakeholders.
Flexibility to work on dynamic requirements, as well as pre-defined responsibilities within the information security group.
Desired Skills :
Proven experience in Penetration Testing, with 1-3 years of hands-on experience.
Strong understanding of OWASP Top 10, and the ability to identify and exploit vulnerabilities in web applications.
Experience with penetration testing of mobile applications on both Android and iOS platforms.
Familiarity with application threat modeling, and the ability to identify potential security risks and vulnerabilities in software systems.
Strong analytical and problem-solving abilities, with the ability to think critically and creatively.
Ability to work well in a fast-paced environment, and to adapt quickly to new challenges.
Additional skills that would be beneficial include knowledge of AWS security, EDR, WAF, security monitoring, and programming/scripting languages.
The Syfe Advantages:
1. Annual learning allowance for work-related online courses and books
2. Allowance for home office setup
3. Latest M1 Macbook Pro + as required hardware and software
4. Best of all, our specialty is helping people manage their money. We will help you learn how to manage your own money like a pro