Hydra X provides regulatory-compliant, enterprise-ready solutions to prepare institutional clients for the future of finance. We seek to bridge the transition to a tokenised capital markets ecosystem by offering asset-agnostic solutions which allow interoperability between traditional and digital assets. Our clients include exchanges, banks, brokerages, and other financial institutions.

We are currently embarking on a significant growth plan to expand our business, and are looking for an experienced Technology Security Specialist who is passionate and able to demonstrate strong interest in cybersecurity. You are hands on in managing and executing the organisation’s cybersecurity operational processes and maintaining its compliance with regulatory requirements / expectations.

This is an opportunity to join an entrepreneurial team, focussed on innovation and building outstanding products to support the company’s overall strategy and goals.

Responsibilities:

• Supports cybersecurity-related queries from other teams in ensuring that projects and systems are compliant with internal policies and the relevant legal and regulatory frameworks (e.g. Cybersecurity Act, PDPA, etc.)
• Responsible for the following:
• Vulnerability assessment and penetration testing (VAPT) scheduling and testing
• Investigation of potential security incidents alerts and follow up with status reporting to management
• Periodic cybersecurity compliance checks on cloud-based infrastructure and endpoints to identify potential security flaws and monitoring on remediation status
• Cybersecurity assurance activities across the various stages of the Software Development Life Cycle
• Design and assess technical cybersecurity controls effectiveness and perform systematic monitoring of cybersecurity-related risks
• Implementation of cybersecurity initiatives to improve the security posture of the organisation
• Supporting in the following:
• Review and maintenance of internal cybersecurity policies and standards based on industry best practices, international standards and current cybersecurity landscape changes/events
• Evaluate cybersecurity risks related to third-party vendor and products, including the identification and implementation of mitigating measures
• Prepare and conduct periodic cybersecurity and technology risk awareness trainings
• Contribute to team effort by accomplishing related results as needed

Qualifications & Requirements:

• Degree/Diploma in Computer Science, Computer Engineering or Information Technology or related disciplines
• Minimum 2 years of relevant experience
• Familiar with international security standards (e.g. ISO27001, MITRE Attack, CIS, NIST and SANS) and MAS TRM
• Have working experience with Windows, Unix and security tools
• Good to have knowledge of AWS, GitHub and CrowdStrike and/or prior working experience in DevSecOps role is ideal
• AWS certification and relevant security certifications (e.g. OSCP, CRT, etc.) are desirable
• Self-learner with excellent communication skills