ARCHIVED
This job listing has been archived and is no longer accepting applications.
MisuJob - AI Job Search Platform MisuJob
Login Sign Up

[MY] Senior/Staff, Security Engineering (Platform and Compliance)

Confidential

Petaling Jaya, Selangor Hybrid permanent

Posted: February 5, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

We are looking for a hybrid engineer who views Security, Reliability, and Compliance within our platform (both corporate and production systems) as an engineering professional with a strong background in security and compliance.

Required Skills

Security Application Security CI/CD Cloud Security IAM Observability Incident Response Compliance Automation Zero Trust

Job Description

About the team:

The Technology team powers everything the business does. The team is building a reliable, scalable platform for the company's products and services. The team includes Backend, Frontend, Mobile, AI, and QA engineers working across regions, alongside Platform, Security & IT Operations teams. Together, they collaborate closely with Data and Product teams to continuously evolve and scale the products.

About the role:

We are looking for a hybrid engineer who views Security, Reliability, and Compliance within our platform (both corporate and production systems) as an engineering problems to be solved, not checklists to be managed.

In this role, you will own the integrity of our entire technical estate, from the laptops our employees use to the production system serving our customers. You will build the "paved roads" that make secure and reliable development the default, while serving as the primary technical voice during compliance audits.

Core Responsibilities:

1. Holistic Platform & Security Enforcement

Application Security (AppSec):

Integrate security tooling into the CI/CD pipeline (SAST, DAST, Dependency Scanning) to catch vulnerabilities before it goes to production.

Working together with the engineering team on how to secure base images and libraries for developers to use.

Platform Security (CloudSec):

Enforce "Least Privilege" via automated IAM policy generation and rotation.

Manage network security boundaries.

Observability:

Build the "eyes and ears" of the platform. Ensure that security events and reliability metrics are centralized, allowing for rapid detection of both outages and intrusions.

Corporate Technology & Security:

Ensure our critical corporate technology systems are running reliably and met all the necessary security and compliance process.

Engineer the Zero Trust access layer. e.q. Ensure that access to internal tools requires strong identity verification (SSO/MFA) and device health checks.

Automate the onboarding/offboarding of access to SaaS tools (e.q. Code Repo, Slack, AWS) to prevent "access creep."

Incident Command:

Serve as a senior responder for critical incidents for platform & security, whether it’s a downtime issue or a potential security breach. Lead blameless post-mortems to engineer out the root cause.

2. Technical Compliance & Trust

Automated Governance: Instead of manual screenshots, you work on how to continuously query our systems to prove compliance with standards like SOC2, ISO27001, or HIPAA.

Audit Support: Serve as the Technical Subject Matter Expert (SME) during internal/external audits. When an auditor asks, "How do you ensure data encryption?", you don't just explain it, you show them how the system actually enforces it.

Customer Trust: Occasionally assist the business team by answering complex technical security questionnaires from enterprise customers, demonstrating how our architecture protects their data.

The "Day-in-the-Life" Mix

60% Engineering: Solving engineering issues by running architecture reviews, implementing security via codes, designing secure system, or others technical matters.

20% Operations: On-call rotation, system upgrades, and ongoing security remediation.

20% Governance/Compliance: Automating evidence collection, reviewing audit controls, and answering technical compliance queries.

Qualifications

Technical Competencies:

Cloud Fluency: Expert-level knowledge of AWS/GCP/Azure. Understand end-to-end cloud-based development workflow. From design phase to serving production system. 

Application Security: Strong experience in the areas of secure application development workflow (such as open source security, SAST, DAST, container security, network policies).

Security Tooling: Experience with how cloud security works and the overall tooling to support this workflow such as cloud firewall, secret management, and Policy-as-Code (OPA/Sentinel/others).

Corporate System & Security: Understand how corporate systems works and security implementation around it. Such as mobile devices management, corporate security policies, SSO, MFA, network policies, etc.

Compliance & Soft Skills:

Audit Fluency: You know what SOC2 and ISO27001 are, and you know how to map technical controls to their requirements. Understand how to leverage the right tools to optimize the audit process.

Communication: Ability to explain complex security risks to business team, product managers and auditors alike.

Pragmatism: You understand that security is a trade-off. You prioritize risks based on reality, not just theoretical severity.

Great To Have:

Past experience working with health care, insurance, finance or regulated industries.

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply