Senior Security Engineer

We Are

YouTrip is the leading and fastest-growing multi-currency payment platform in Asia Pacific. In 2018, we pioneered the region's first multi-currency digital wallet. Now, YouTrip is the #1 multi-currency digital wallet trusted by millions across the region, processing over US$15 billion in total payment value annually.

Our consumer and business propositions – YouTrip and YouBiz – empower individuals and businesses with inclusive, accessible, and affordable financial solutions. YouTrip has raised over US$110 million to date, including its recent Series B round led by global venture capital firm Lightspeed Venture Partners—underscoring strong investor confidence in its mission to transform digital financial services across the Asia Pacific.

Recognised as World Economic Forum’s Global Innovator 2025, CNBC’s World’s Top Fintech Companies (2025, 2024), and LinkedIn’s Top Startup (2024, 2023), YouTrip is dedicated to creating the next generation of digital finance services for consumers and businesses.

Valuing an entrepreneurial culture of diversity and inclusion, we are seeking driven individuals to join our fast-growing regional team as we push the boundaries of innovative fintech solutions.

Job Description: Senior Security Engineer - Enterprise, Applications & Endpoints

We’re looking for a Senior Security Engineer to join our team. This role sits within the First Line of Defense (FLOD) and is responsible for leading the day-to-day detection, analysis, remediation, and prevention of security threats and design, implementation, and continuous improvement of control gaps across the enterprise. The Security Engineer will take a technical lead role in identifying and fixing security weaknesses across endpoint devices, internal systems, third-party applications, and operational processes. They will work closely with other teams like IT, Product, Engineering, and Business teams to ensure security issues are remediated effectively and controls are operating as intended.

This role supports the organization’s Security Operations, Incident Response, Vulnerability Management, Threat Detection, Security Engineering and Business Continuity efforts, ensuring alignment with regulatory, legal, and business requirements. The ideal candidate has strong hands-on technical security experience, has the ability to lead security initiatives from design to implementation, is comfortable working in fast-paced environments, and understands the security challenges in FinTech or regulated financial services.

Key Responsibilities

1. Security Engineering and Security Operations

1. Lead the design, implementation, and continuous improvement of enterprise security controls across endpoints, infrastructure, applications, and cloud environments.
2. Lead and enhance security tooling, including EDR, SIEM, vulnerability management platforms, security monitoring solutions, and threat intelligence integrations.
3. Lead investigations and response activities for security alerts, incidents, and operational security issues.
4. Identify, prioritize, and drive remediation of security gaps enterprise-wide, including:
1. Endpoint devices (laptops, servers, mobile devices)
2. Internal systems and networks
3. Third-party and SaaS applications
5. Partner with IT and Engineering teams to drive timely remediation of vulnerabilities, misconfigurations, and control weaknesses.

2. Vulnerability & Threat Management

1. Own the enterprise vulnerability management program, including vulnerability scanning, prioritization, remediation governance, and reporting.
2. Lead penetration testing, and coordinate remediation efforts and validate fixes.
3. Conduct threat hunting and proactive identification of emerging security risks.

3. Incident Response & Investigations

1. Act as a key responder during security incidents, leading containment, investigation, & recovery activities.
2. Support post-incident improvements to controls and processes.

4. Business Continuity & Security Enablement

1. Support the development, testing, and execution of Business Continuity and Cybersecurity drills.
2. Provide security guidance during system changes, deployments, and operational updates.
3. Act as a subject matter expert for business and technology teams.

5. Continuous Improvement

1. Develop and tune security detection rules, use cases, and monitoring content to improve threat visibility and reduce false positives.
2. Track emerging threats relevant to the organization's technology stack and business operations.
3. Lead initiatives to improve security operations maturity, automation, and operational efficiency.
4. Drive improvements to the security operations by improving processes, playbooks, and tooling.
5. Support security awareness initiatives with a focus on operational risks and real-world threats.

Requirements

• Bachelor's degree in Cybersecurity, Computer Science or Information Technology or a related discipline
• 5+ years of experience in the Cyber Security, or security operations roles.
• Strong hands-on experience with:
• Endpoint security (EDR, hardening, patching)
• Vulnerability management and remediation
• Threat hunting and threat intelligence
• Incident response and security investigations
• Security tooling implementation and administration
• Collection of updates on threat intelligence feeds from various sources
• Integration of customized threat intelligence content feeds provided by the Threat Intelligence services
• Strong understanding of security controls, access management, logging, and monitoring.
• Working knowledge of cloud security concepts (AWS exposure beneficial but not a primary focus).
• Familiarity with security frameworks and standards (ISO 27001, PCI DSS, NIST, CIS).
• Experience using JIRA or similar ticketing / GRC tools to track issues and remediation.
• Industry certifications (e.g., CISA, CISM, CIPP/E, CRISC) are preferred.
• Strong analytical and problem-solving skills with a bias toward action and remediation.
• Ability to prioritize and manage multiple security issues simultaneously.
• Clear communicator with the ability to work cross-functionally with technical and non-technical teams.
• Ability to influence technical and business stakeholders at multiple levels of the organization.
• Strong sense of ownership and accountability.
• Ability to balance security needs with operational and business realities.

To apply

If you are interested in this position, click Apply Now or please send your resume to [email protected], quoting “Senior Security Engineer - Enterprise, Applications & Endpoints (IND)” in the subject header.