Security engineer

Posted: Oct. 12, 2021, 7:08 a.m. - Full Time - Gurgaon

About Syfe

Syfe is one of the fastest growing digital wealth platforms in Singapore. We build personalized, diversified portfolios using proprietary algorithms and state-of-the-art technology. Our mission is to enable sophisticated investing at a low cost.
In July 2021, we closed a S$40 million Series B funding round led by Valar Ventures , just 9 months after raising Series A. Our existing investors followed on their original investment in a short time frame, which speaks volumes about our rapid growth and our future ahead. Moving forward, we will accelerate our expansion across geographies, launch new products and grow our team.
The Syfe team consists of industry experts from finance, e-commerce, and technology. We come from startups as well as large corporations. Excellence in execution is in our DNA. We aim to become Asia’s largest Digital Wealth Manager by leveraging technology to provide a superior investing experience for our customers. Syfe was named Best Digital Advisory Solution at DigFin Group Innovation 2021. Find out more about us at www.syfe.com

Who are we:

While we are a diverse set of people, we value the following core traits:

Fast learning: We often require learning new tools and technologies. We believe in adopting them if they are particularly well suited for our problems, instead of limiting ourselves to what we already know. However, we are always short of time and therefore have to learn fast.

Versatility: While each one of us has a core skill, we possess at least one secondary skill as well. Apart from allowing the team to be fluid, it also helps us understand how all pieces (frontend, database, network, servers, etc.) fit together.

Madness about quality: Put together, individual lines of code should be robust, scalable, high-performance, fault-tolerant, and most importantly, beautiful software. We also stay up-to-date with the latest in the world of software to make ourselves better.

Passion: To try out new ideas and iterate on existing product features, and love experimenting with new technology if it’s right for the job. Because not only do we ride the cutting edge, we make it happen.

Collaboration: We believe that engineering is a continuous process of learning and improvement and that the best way to learn is by getting help from your fellow engineers. Coding is more fun when you do it together and appreciate the feedback.

We are seeking a Security Engineer to develop and own state-of-the-art products that help bring people closer to their financial goals. As we build and scale Syfe over the next few years, our product and engineering team is growing and it is the perfect time to join the team at an early stage and create an impact within and outside the organization.

Responsibilities:
Perform security assessment against various applications, servers and IT assets independently as well as within a team
Vulnerability management while adhering to ISMS policy and regulatory compliance
Document TTP (Techniques, Tactics and Procedures) used during security assessment
Co-ordinate with various technology stakeholders to discuss identified vulnerabilities and assist engineering team in planning for risk mitigation
Active participation in planning and implementation of new security benchmark across the organization
Coordinate with Software Development team and perform source code and architecture review to identify vulnerabilities
Perform VA/PT on web application, mobile application and infrastructure to identify vulnerabilities

Requirements:
1+ years of experience working as a Security Engineer
Strong understanding of offensive security operations
Understanding of OWASP Top 10, NIST, CIS and MITRE ATTACK
Understanding of security assessment tools such as Burpsuite, Nmap, Nessus, Qualys Guard, Metasploit, Wireshark etc
Strong communication skills and ability to communicate ideas to both technical and non-technical people

Open to work as per defined responsibilities and other security domains within information security group

Good to have skills :
Security certifications such as CEH, OSCP, OSWE are plus.
Experience with any of the scripting/programming languages (Python, Ruby, Bash, PHP etc.)
Understanding of cloud security and AWS security stacks.
Understanding of DevSecOps or Secure SDLC process.

The Syfe Advantages:

Annual learning allowance for work-related online courses and books
Allowance for home office setup
Latest M1 Macbook Pro + as required hardware and software
Best of all, our specialty is helping people manage their money. We will help you learn how to manage your own money like a pro