Senior Cyber Defence Engineer
Indexed description
About Timo
Launched in 2015, Timo pioneered digital banking in Vietnam with a mission to make banking faster, simpler, and more accessible.
Today, as part of one of Southeast Asia’s leading digital financial services platforms, Timo is building secure, scalable, and customer-first digital banking experiences for millions of users across Vietnam.
We are looking for curious minds and driven talents from fintech, digital banking, and technology companies who are excited to move fast, build meaningful products, and help shape the future of banking in Vietnam.
About the Role
We are looking for a Senior Cyber Defense Engineer to help shape and implement robust cyber defenses for Timo and Kredivo Group.
You will operate across the full cyber defence stack: endpoint security, WAF, network security and monitoring, DLP, threat intelligence, threat detection, and vulnerability/patch management. Working closely with Kredivo Group's regional cyber defence team and Timo's IT and engineering functions, you will help detect, contain, and respond to threats, keeping Timo's banking platform and customers safe.
You will report to the Infosec Lead.
What You Will Do
- Monitor and respond to all security alerts, triage Alerts, Investigate and Incident trigger
- Operate and manage security controls (EDR, IDS/IPS, WAF, DLP) and review system configurations to recommend security improvements.
- Drive vulnerability and patch management: Perform vulnerability assessments and recommend remediation measures.
- Implement CIS hardening standards across laptops, desktops, network appliances, Servers, containers, and cloud environments.
- Participate in security incident response: investigation, containment, and post-incident review.
- Partner with the Threat Detection team: tune existing detections and develop new rules.
- Apply threat intelligence: turn emerging threat data into stronger detection, containment, and response.
- Threat Hunting: Conduct periodic threat hunting to identify hidden threats, suspicious activities, and IOCs within the enterprise environment.
- Automation: Develop scripts and automation tools to streamline repetitive security operations and workflows.
- Support for periodic information security reviews, such as firewall rule review, account review, and Regulation compliance support, such as PCI DSS/ SBV & MPS regulation/ISO 27001 framework familiarity.
What We Are Looking For
Experience
- 4+ years in information security, with hands-on experience in two or more areas: SOC Analysis, cyber defence, incident response, threat hunting, threat intelligence, and vulnerability management.
- Experience operating in production environments at a meaningful scale.
- Comfortable working in cross-functional, regulated environments.
Skills & Expertise
- Hands-on with: WAF, CDN, Firewall, SIEM, EDR, Cloud.
- Working knowledge of EDR, DLP, and SIEM platforms.
- Solid understanding of network security: firewalls, IDS/IPS, segmentation, system security (VM, Windows, Linux, Container), and cloud security.
- Basic malware analysis and suspicious file behaviour investigation.
- Experience with vulnerability and patch management workflows.
- Familiarity with CIS hardening standards.
- Good knowledge of modern adversary tactics, techniques, and procedures (MITRE ATT&CK or similar)
- Professional working English: regular collaboration with Kredivo's regional Cyber Defense team and Timo's local teams.
Attributes
- Strong sense of ownership: you follow incidents from detection through resolution
- Calm under pressure: you operate well during active incidents.
- Pragmatic communicator: You translate threats and findings for both technical and non-technical audiences.
Bonus Points
- Security certifications: CompTIA Security+, CySA+, CHFI, and GIAC Cyber Defense certifications are a plus, Cloud Security Certifications or similar.
- Background in Fintech, Banking, or other Regulated Industries.
- Experience with Threat Hunting, Detection Engineering and Incident Response
- Familiarity with cloud security is preferred.
Why Join Us
- Help defend one of Vietnam's leading digital banks and the customers who trust it.
- Work as part of Kredivo Group's regional cyber defence team (Vietnam, Indonesia, Singapore).
- Hands-on defense work across a real, large-scale fintech environment.
- Hybrid model: 4 days HCMC office, 1 day work from home.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search