Thinking Machines is a technology consultancy building AI & data platforms to solve high impact problems for our client. Our vision is for Southeast Asia to become a global hub for data science. To do that, we create data cultures, one organization at a time.
We’re a company made up of intellectually curious, civic-minded, forever-learning individuals. We believe that great data science products are built with care for people, and that the best way to drive inclusive innovation is to start with a diverse team.
Our field of work is incredibly dynamic, so we want to work with people who are committed to growing with us. We want to hire people who can demonstrate an ability to learn, then provide them with personalized coaching, growth opportunities, and a great working environment to get them to world-class.
Thinking Machines is growing fast and so is our need for organizing, maintaining, and securing our digital infrastructure. As a Security Operations Associate, you’ll be responsible for end-to-end security, ensuring our systems stay secure and operational. You’ll play a key role in maintaining our security posture and keeping threats at bay. Reporting directly to the Associate Director of Operations, you will also be expected to coordinate closely with the internal security team and vendors to ensure compliance with security policies, standards, and best practices.
Your core responsibilities include:
Leading security efforts for incident prevention, detection, and response
Setting up and configuring preventive internal security controls
Installing and maintaining automated tools to aid in monitoring and protection
Being an active part of the incident response team in case of any alerts
Designing, implementing, and reviewing security processes, and ensuring compliance with industry standards
Collaborating with cross-functional teams to develop and implement robust security processes
Ensuring our security practices comply with industry standards and best practices (CIS, NIST, ISO, GDPR, etc.)
Establishing, communicating, and enforcing security policies
Upholding the culture of regularly disseminating informative materials to keep the employees up to date with the latest security advisories and initiatives
Addressing questions, concerns, and clarifications from the employees about various security policies and best practices
Coordinating with security-related third parties
Working with security consultants and other vendors who assist with threat detection, provide security training, and evaluate and make recommendations to our security posture
Liaising with our internal project teams and the IT personnel of Thinking Machines’ enterprise clients
Coordinating with client IT personnel to fulfill infrastructure requirements in compliance with relevant security policies
Collaborating with Thinking Machines’ internal project teams to help develop secure project architectures in the cloud
Administering Thinking Machines’ internal stack of tools
Overseeing internal platforms and infrastructure
Managing standard procedures and supporting the audit of our security posture for platforms such as Slack, GitHub, Google, and Microsoft ecosystems, along with their various integrations
Assisting in the rollout of new software across the company
Managing access for various platforms and internal systems in accordance with security policies
Providing other security-related support for the employees
Manage a set of service desks for support requests in collaboration with our IT Operations Associate
We are looking for someone who has:
2+ years of experience in system administration and security operations (i.e., incident response and vulnerability assessment)
Proficiency with Unix systems
Experience managing at least one cloud platform, such as Google Cloud Platform (GCP), Microsoft Azure, or Amazon Web Services (AWS)
Basic programming or scripting skills using any language
Exceptional troubleshooting skills for solving uncommon problems (mastery of Google-fu a plus)
Strong external communication skills — clearly conveys security protocols to stakeholders in a way that helps them understand, appreciate, and support these measures
High attention to detail and excellent organizational skills – meticulously tracks tasks, spots inconsistencies, and maintains structured workflows
Security-focused mindset – prioritizes protection of systems and data by proactively identifying risks and vulnerabilities, and staying updated on the latest threats and best practices
High preference for candidates with:
Experience in people management
Quick learning agility – capable of learning new tools and frameworks on the fly
Relevant certifications like CISSP, CCSP, CISM, etc.
Knowledge of security standards such as CIS, NIST, ISO, GDPR, etc.
We offer the following compensation and benefits:
Competitive salary — the compensation amount is positively correlated with the difficulty of the job, relevant experience, fit, and skill factors.
Hybrid Set-Up — Hybrid-remote means employees are required to come in an average of two days a week for client engagements and internal in-person days intended for collaboration, socials, and strategic planning.
Individual professional development budget — an annual budget for conferences, training courses, books, and software is available to sharpen your skills and build new ones to help you grow in your role.
Full health benefits — generous health insurance package upon hiring, with options to include dependents.
Apprenticeship and yearly performance reviews with the leadership team to discuss career and personal goals, job progress and any questions and concerns.