[ProtoPie] IT & Security Engineer (Senior) at ProtoPie

Seoul, , South Korea -

Full Time

Start Date

Immediate

Expiry Date

16 Jun, 26

Salary

0.0

Posted On

18 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

IT, Security Engineering, macOS Management, Cloud Security, ISO 27001, ISO 27701, TISAX, AWS, GCP, Network Security, Monitoring, Encryption, SIEM, Penetration Testing, Vulnerability Disclosure, Security Awareness

Industry

Software Development

Description

Role Summary We are looking for an IT & Security (Senior) to join our team in managing and improving ProtoPie’s company-wide security posture. In this hands-on role, you will work alongside our team to oversee everything from internal IT software and assets (macOS) to securing our cloud production infrastructure and product code. You will play a key role in maintaining and expanding our certifications, such as ISO 27001, ISO 27701, and TISAX, while ensuring that security is integrated into our business processes and company culture. Additionally, you will help provide technical assurance to our global enterprise clients, demonstrating that our security standards meet their strict requirements for protecting prototyping data. Key Objectives: Workplace IT & Identity Management: Collaborate on establishing a secure internal environment by managing our software ecosystem, macOS fleet, and centralized identity and access systems. Customer Trust & Technical Assurance: Act as the technical ambassador to our global enterprise clients, successfully demonstrating our security posture to ensure they can confidently use our platform. Infrastructure & Network Security: Work with the team to harden cloud environments (AWS/GCP). Collaborate with our SREs and backend engineers to manage network security design, firewalls, monitoring, permissions & authentication, and encryption, to ensure a robust architecture for our production services. Security Operations & Monitoring: Build proactive detection and response capabilities through comprehensive monitoring, automated log analysis, and robust secret management. Product Security & Testing: Help coordinate security testing for our products. This includes testing the security of new features, managing external penetration tests, overseeing vulnerability disclosures, and supporting the engineering team with security & privacy. Internal Governance & Process: Secure the human side of the business by hardening internal workflows, leading company-wide security awareness, and maintaining our global compliance certifications. Responsibilities Identity & Assets: Configure and maintain Okta, Google Workspace, Kandji/Iru (MDM), and other company-wide tools. Manage OS security (e.g. SentinelOne), software distribution, and SSO integrations for all team members. Cloud & Network Hardening: Manage AWS/GCP security configurations, including WAF rules, Network Security Groups, DNS/DMARC, encryption, and IAM permissions. Customer Engagement: Complete security questionnaires and lead technical calls with enterprise security teams to resolve concerns and provide evidence of our compliance. Detection & Tooling: Optimize security tooling such as AWS GuardDuty and Inspector. Improve our SIEM visibility, manage tokens/secrets, and leverage automation or AI for log processing and incident detection. Security Testing: Test the security of new product features using tools such as Burp Suite, coordinate third-party penetration tests and oversee that engineers mitigate the findings, manage the vulnerability disclosure process, assist developers with privacy & security related topics, and arrange secure coding training for our developers. Audits & Internal Process: Gather technical evidence for ISO 27001/27701, TISAX, and GDPR audits. Review internal business processes for security gaps and conduct organization-wide security awareness training. Requirements Must Verbal/written communication skills in both English and Korean. Bachelor’s degree or equivalent professional experience in IT/security. 5+ years of experience in an IT, cybersecurity, pentesting, infrastructure/DevOps, backend, or other suitable technical role with a connection to security. Strong general technical skills with an affinity for IT/security solutions and the ability to quickly pick up new tools. Strong fundamental understanding of the core concepts that drive security. Capacity to embrace change and quickly adapt to new situations or changes in direction. Ability to work in a self-directed environment that is highly collaborative and cross-functional. Plus Professional experience at SaaS companies. Strong Plus: Experience with securing or managing cloud production infrastructure with modern tools such as Kubernetes, Docker, related CI/CD integrations (e.g., GitHub), and token management. Experience with any of our core stack: AWS, GCP, Kandji or other MDM solutions, Okta, Google Workspace, SentinelOne, and SIEM solutions. Experience or affinity with coding (e.g., TypeScript/JS, HTML, Python). Coding experience is not strictly required, but it helps with understanding potential product security issues. Experience applying AI in a secure way to automate repetitive processes without increasing risk. Familiarity with AppSec topics (OWASP Top 10) or penetration testing. Any experience with security certifications and audits (SOC2, ISO 27001, TISAX, GDPR). Experience in senior stakeholder management and working across various parts of an organization. [How We Work] Team ProtoPie Works with 5 Company Values 1. Autonomy & Responsibility We respect everyone's autonomy while taking responsibility for freedom and for judgment between right and wrong for the company. 2. Communication & Trust We share information, communicate transparently, and build trust with our colleagues and customers. 3. Integrity We draw a line between personal and professional lives and work with high moral standards. 4. Global Citizenship We respect each cultural trait and always consider the global market in work. 5. Team Player We collaborate with colleagues, help others actively, and respect others' professionalism and authority. [Benefits and Welfare] 1. Welcome Awards For new joiners, we support KRW 1,000,000 for buying personal peripherals and items for better work efficiency. - Desk, Chair, Tablet PC, Mobile, Smartwatch, etc. 2. Education Benefits We believe that members’ growth and happiness lead to the team’s growth. We support members in buying books and taking classes they want: language, instrument, anything you want to learn. 3. Healthcare Benefits We understand that our people can bring their best selves to work when they and their families are taken care of. - Medical check-ups, Gym, Physical activities, Vision care, Medical treatment(pets included) 4. Internet & Communication Benefits We support internet and mobile expenses to enrich our remote working environment. 5. Congratulations & Condolences We support members’ life events both in joy and in sorrow. [Working Arrangements] Flexible working hours (Generally from 10 AM to 7 PM KST in HQ). Full-time position (during the first 3 months—the probation period, the employee will receive 100% of their salary). HQ: Gangnam, Seoul, South Korea [Hiring Process] Submit resume or CV > 1st Interview > 2nd Interview > 3rd Interview > decision and negotiation. Interview process may be slightly changed depends on the position. Employment will be terminated if you are found to have falsified information on your resume and portfolio. StudioXID is dedicated to cultivating a diverse and inclusive workplace. We highly value diversity in our workforce and do not discriminate in our hiring or promotion practices based on race, religion, color, national origin, gender, gender identity or expression, sexual orientation, age, marital status, veteran status, disability, pregnancy (including breastfeeding), parental status, or any other characteristic protected by law. As a global company, English proficiency is required for all roles to ensure smooth communication and collaboration across our international teams, unless otherwise stated in the job postings. If you have any questions, please feel free to reach us at job@protopie.io

Responsibilities

This senior role involves managing and improving the company's security posture across internal IT assets (macOS) and securing cloud production infrastructure, while playing a key part in maintaining global compliance certifications like ISO 27001. Key objectives include managing workplace IT and identity, providing technical assurance to enterprise clients, hardening infrastructure, building detection capabilities, coordinating product security testing, and securing internal governance processes.