CISO / Principal Security Engineer

innovators hub asia

Ho Chi Minh, Vietnam

Fresher

Save

Posted 10 hours ago
Be among the first 10 applicants

Early Applicant

Job Description

Introduction

About Digiex

DigiEx Groupis a global technology partner specializing in Innovation Software

Development, AI-powered solutions, Tech Talent services, and digital transformation services. Headquartered in Vietnam, DigiEx supports innovative companies around the world in building scalable tech products and elite engineering teams. With a strong focus on quality, agility, and innovation.

About Client

Our client is part of a leading global financial services group headquartered in London. The organization provides a comprehensive range of financial solutions, including investment banking, securities and brokerage services, asset and wealth management, banking, and trust services.

Job Description

We are building a next-generation digital banking and cryptocurrency trading platform. We are not looking for an armchair general or a traditional corporate compliance manager who only signs off on policies.

We need a battle-tested, hands-on Chief Information Security Officer (CISO) who enjoys getting their hands dirty. In this role, you will bypass the traditional management overhead—you won't have a team to manage on day one. Instead, you will be deeply embedded within our core product and engineering teams, taking full, end-to-end ownership of our cybersecurity architecture, execution, and implementation.

Responsibilities

As our sole security anchor, you will drive the security lifecycle of our fintech and crypto trading application from the ground up.

Product-Embedded Security: Act as the dedicated security partner for the product team, ensuring that security is designed into every feature, from fiat onboarding to crypto wallet interactions.
Cross-Functional Collaboration:Partner directly with the CTO on architectural decisions, embed security guardrails with DevOps, define automated security testing with QA, and bridge the gap with the Compliance team to meet regulatory standards.
Hands-on Implementation:Write secure configuration scripts, implement DevSecOps pipelines, configure Cloud Security Posture Management (CSPM), and actively fix/mitigate vulnerabilities alongside engineering.
Crypto & Traditional Infrastructure Security:Secure our hot/cold wallet architectures, Multi-Party Computation (MPC) protocols, smart contract interactions, and traditional digital banking APIs.
Incident Response & Threat Modeling:Conduct continuous threat modeling against fintech and Web3 attack vectors (e.g., reentrancy, flash loans, front-running, API exploitation, and phishing).

Requirements

Domain Expertise (Fintech & Crypto)

Fintech & Digital Banking: Strong understanding of securing core banking systems, payment gateways, ledger databases, and compliance frameworks (e.g., PCI-DSS, SOC2, ISO 27001).
Crypto Security: Proven experience securing crypto trading platforms, exchange mechanics, custodial/non-custodial wallets, and key management systems.

Execution & Technical Skills

Strategy to Code: Ability to translate high-level security frameworks into actual technical implementations. You must be comfortable looking at code, configuring AWS/GCP security controls, and using modern security tools.
DevSecOps Mastery:Experience integrating SAST, DAST, and dependency scanning directly into CI/CD pipelines.

Communication & Soft Skills

Excellent English Communication:Fluent written and spoken English is mandatory. You must be able to clearly articulate complex security risks to business stakeholders, and technical fixes to developers.
Collaborative Mindset:A proactive partner, not a blocker. You should know how to work empathetically with QA and DevOps to find solutions that keep the platform both secure and highly performant.

Why You'll Love Working Here