Engineering Manager, Product Security Engineering

Funding Societies | Modalku is the largest SME digital financing platform in Southeast Asia, expanding into a leading SME neobank. We are licensed and registered in Singapore, Indonesia, Thailand, Malaysia, and operating in Vietnam, and backed by Sequoia India, Softbank Vision Fund and SMBC bank amongst many others. Funding Societies | Modalku provides business financing to small and medium-sized enterprises (SMEs), which is funded by individual and institutional investors. And here at Funding Societies | Modalku we live by our core values:

• Serve with Obsession: Build win-win relationships for the long-term by having a customer obsession.
• Grow Relentlessly: Strive to become our best, most authentic selves.
• Enable Teamwork, Disable Politics: Only by forging togetherness, we help each other succeed.
• Test Measure Act: Stay curious and reinvent ourselves, through innovation and experimentation.
• Focus on Impact: Create impact through bias for action and tangible results.

The Engineering Manager, Product Security Engineering will lead FSMK’s efforts to build large, distributed solutions to allow us to hunt for bad actors, triage high quality detections, and respond with informed skill and insight. S/He will work towards making it easy to ship secure code and difficult to ship insecure code. S/He and the Product Security Engineering team will be responsible for building tools, services, frameworks, libraries, and SDKs that eliminate security vulnerabilities and classes of security vulnerabilities. We are looking for a leader with strong organizational leadership skills, a background in product/application security, a demonstrated progression of management scope, and a passion for managing outstanding managers and engineers in a fast-paced environment.

Requirements

What you will do:

• Drive FSMK’s product security activities including, but not limited to, offensive and defensive security, bug bounty, fraud detection, etc.
• Recruit, hire, and retain a high-performing team of Product Security Engineers, who help the Product Engineering and Infrastructure Engineering teams keep their code free from security bugs.
• Work closely with Product and Product Engineering teams to build secure products and services and with Security Operations team to address relevant aspects of incident management.
• Hold your own in technical discussion, be a subject matter authority, and have strategic influence.
• Communicate effectively and raise awareness of security with various internal and external stakeholders.
• Build out long-term security strategies, initiatives, and new capabilities.
• Develop a roadmap for those initiatives, track progress against it, and evaluate the team's performance.
• Provide regular product security related metrics to management and support incident reporting to regulators, as required.
• Identify new techniques and solutions that increase the team's ability to better protect company and user data.
• Build and maintain positive relationships with various internal stakeholders from other Security teams, Product and Product Engineering teams, Infrastructure Engineering, and Risk & Compliance to divide and conquer challenges related to a broad spectrum of threat actors.
• Maintain knowledge of current and emerging cyber threats and trends; as well as establish relationships with other product security professionals, industry partners, and vendors.

What we are looking for:

• 10+ years of work experience in software and/or security engineering, including 5+ years of proven hands-on technical management experience of software and/or security engineers.
• In-depth familiarity with security policies based on industry standards and best practices.
• Experience in at least one of Go, JavaScript, Python, or Java.
• Technical experience across security disciplines - web application, mobile, infrastructure, etc.
• Experience recruiting and leading technical teams, including performance management.
• Experience translating technical concepts into language that is relevant to many audiences, including software engineers, business and technical leaders, external security community members, and press.
• Ability to work under pressure during critical situations.
• Ability to lead and communicate effectively with peers and stakeholders.
• Bachelors degree in IT, Computer Science, or cybersecurity-related field of study or 4+ years work experience.

You will shine in this role is you are/you have:

• Experience in the banking / financial services / FinTech industry.
• Knowledge of local regulatory and personal data protection requirements in Southeast Asia.
• Experience working in a fast-paced industry.
• Possessing security related certifications / qualifications, such as CISSP, CISM, OSCP, CEH, GCIA, etc.

What it is in for you:

• Work directly impacts FSMK’s obligations to comply with regulatory requirements and to solidify customer trust - correspondingly, the role has high visibility with senior management.
• Opportunity to learn and work with the latest cloud technologies to build creative solutions to nascent problems.
• Opportunity to directly interact with / present to regulators and participate in industry-wide exercises.
• Geographically dispersed team with smart, driven colleagues from diverse backgrounds, who all care about FSMK’s mission and information security.

Benefits

• Time off - We would love you to take time off to rest and rejuvenate. We offer flexible paid vacations as well as many other observed holidays by country. We also like to have our people take a day off for special days like birthdays and work anniversaries.
• Flexible Working - We believe in giving back the control of work & life to our people. We trust our people and love to provide the space to accommodate each and everyone's working style and personal life.
• Medical Benefits - We offer health insurance coverage for our employees and dependents. Our people focus on our mission knowing we have their back for their loved ones too.
• Mental Health and Wellness - We understand that our team productivity is directly linked to our mental and physical health. Hence we have Wellness Wednesdays and we engage partners to provide well-being coaching. And we have our Great FSMK Workout sessions too to keep everyone healthy and fit!
• Tech Support - We provide a company laptop for our employees and the best possible support for the right equipment/tools to enable high productivity