About Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.
Why Mox
Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits. Who says banking can’t be fun?
Who are we looking for?
We are seeking a highly skilled Senior Security Platform Engineer to join our growing Cybersecurity team at Mox Bank.
In this role, you will act as a key architect and a lead within our Architecture, Cloud & Identity Foundations pillar. You will build the "Security Platform"—a suite of automated services, APIs, and guardrails that allow our engineering squads to build and deploy at speed, securely. You will sit at the intersection of DevSecOps, Identity (IAM/PAM), and Cloud Security.
You will provide technical leadership to the DevSecOps squad, have an Agile mindset with a keen interest in DevOps engineering across a range of technologies, while showcasing solid communication and a team-player.
Who you are:
We seek a hands-on security engineer with demonstrated expertise in platform-scale problem solving. You possess an "automation-first" mindset and view manual security interventions as an opportunity for engineering improvement. You are comfortable writing production-grade code, architecting Zero-Trust identity models, and evangelizing security best practices to software development teams. You thrive on solving complex problems at scale and are passionate about building frictionless security into our infrastructure.
In this role, you will have experience in:
- AWS Cloud technologies and architecture patterns
- Solid understanding of continuous deployment and delivery (CI/CD) tools
- Experience with Source Control and SDLC tools and well versed with Python scripting.
- Experience in zero-trust architecture and Identity Security.
-
Security Platform Architecture: Design, build, and maintain our enterprise-wide security-as-code platform. Develop and maintain "Golden Modules" (Infrastructure-as-Code) that empower developers to provision cloud resources that are secure by default.
- DevSecOps & Pipeline Integration: Architect security hooks within our CI/CD pipelines. Automate static and dynamic analysis (SAST/DAST) and secret scanning to ensure rapid, actionable feedback loops for development squads.
- IAM & PAM Governance: Architect and implement modern identity patterns. Shift the organisation from static credentials to dynamic, ephemeral, and Just-in-Time (JIT) access models for both human and machine identities (Workload Identity).
- Cloud Infrastructure Security: Lead the deployment and optimization of Cloud Security Posture Management (CSPM) and Container Security solutions to detect and automatically remediate configuration drift across our multi-cloud environment.
- Security Advocacy & Developer Experience: Act as a strategic bridge between Cybersecurity and Engineering. You will troubleshoot deployment bottlenecks, reduce false-positive fatigue, and lead the charge in fostering a "security-by-design" culture.
To be successful in the role, you will have:
- 10+ years of experience in Software Engineering, Infrastructure Engineering, or Cybersecurity, with at least 4 years focused specifically on Cloud Security or DevSecOps.
- Expert-level AWS cloud architecture and fully automated CI/CD pipeline design, including core services (EC2, RDS, S3, IAM, KMS, API Gateway, Lambda)
- Deep technical understanding of OIDC, SAML, OAuth2, and modern Privileged Access Management (PAM) architectures.
- Extensive Infrastructure-as-Code proficiency (Terraform, CloudFormation) with demonstrated experience in modular 'Golden Module' development and drift detection.
- Production-grade software engineering skills in Python, Go, or Java for security tooling and API development
- Strong experience securing containerized workloads and orchestrators (Kubernetes, Docker, Service Mesh). Configuring, upgrading, monitoring K8S clusters, and ability to debug issues with K8S workloads.
- Experience with Cloud Security Tools like CloudTrail, CloudWatch, Guardduty, Security Hub, AWS Config.
- Have a good mix of both Windows and Linux Server Administration experience.
- Strong leadership, mentoring and senior stakeholder engagement skills.
- A true DevOps passion for automation and innovation and problem solving
- A passion for developing fit for purpose solution designs.
- A passion for coaching and developing technology teams.
Previous experience in Cybersecurity engineering, Cloud security.
Bachelor’s degree in computer science, Software Engineering, Cybersecurity or a related technical field, or equivalent practical experience.
- Professional certifications such as CKS (Certified Kubernetes Security Specialist), AWS/Azure Security Specialty, AWS Solution Architect or CISSP.
- You can distill complex security architecture (like IAM policy propagation or IaC drift) into clear, actionable guidance for non-security peers.
- You are a self-starter comfortable operating in an agile, high-growth environment where priorities can evolve rapidly.
- Experience with Vulnerability Management tooling or general experience in Vulnerability Management and patching.
- Experience with SIEM solutions
- Experience with Privileged Access Management (PAM) solutions
- Experience with Container Intrusion detection tools
- Experience in all is not mandatory but any exposure to the areas these tools deal with is extremely preferable.
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.
Why Mox
Mox helps you grow – your money, your world, your possibilities. We equip you with the financial management tools, information and insights you need to make your dreams, big or small, come true. Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox.
Mox rewards you with an array of banking and lifestyle benefits.
All personal data provided by applicants will be used for recruitment and other employment-related purposes only. Personal data of unsuccessful applicants will be erased within 24 months of rejection of the applicant’s application.
Mox BankHong KongWe seek a hands-on security engineer with demonstrated expertise in platform-scale problem solving. Production-grade software engineering skills in Python, Go,……5d