Companies Coinhako Senior Security Engineer, Governance Risk and Compliance

About the role

Coinhako · Onsite

We are operating at the fast-moving frontier of the crypto ecosystem, where trust, speed, and ironclad security are paramount to our success. We aren't looking for a passive bureaucrat or a traditional checklist-checker. We need a sharp, highly autonomous Senior Engineer, GRC who genuinely loves the details, anticipates gaps before dashboards turn red, and possesses the human judgment to steer modern, tech-forward security frameworks. If you thrive in high-stakes environments and know how to balance real risk mitigation against empty paperwork, you’ll fit right in.

What you'll be doing:

  • Compliance lifecycle: Maintain ISO 27001 certification, prepare for SOC 2 Type 1 and 2, manage auditor relationships, and own evidence collection in Vanta. You know what's slipping before the dashboard turns red, and can forecast certification timelines confidently.

  • Vulnerability management (as a program): Own the SLA layer — weekly dashboard, breach escalation, exception tracking, and monthly leadership view. Engineers fix the bugs; you ensure they fix them on time.

  • Policy lifecycle: Annual reviews, new policies as scope expands, training rollout, attestation tracking, and exception requests. Reviews run through an adversarial AI pipeline today; you'll own the cadence and the human judgment inside it.

  • People-ops security controls: Onboarding/offboarding evidence, access reviews, security awareness training, background-check tracking, and permission groups. Partner with HR on the workflow; own the auditable artifact.

  • Vendor risk: Vendor inventory, pre-procurement assessments, and annual reassessments.

  • Risk program: Maintain the risk register and run quarterly reviews.

  • Data protection: DLP policy and tuning, data-classification programs, and PDPA partnership with Legal.

  • Business continuity: Own the BCP/DR program — documentation, drills, and post-exercise improvements.

What we're looking for:

  • 3–5 years in security or GRC program management, ideally at a fintech that grew through early stages.

  • Hands-on experience running ISO 27001 and SOC 2 audits end-to-end, including auditor management.

  • Deep fluency in Vanta (or Drata, with willingness to switch). You know where the platform helps and where you have to compensate manually.

  • Confident representing the security program to security teams — both technically and as a trust signal.

  • Strong written and verbal communication.

  • Sound judgment on when a control gap is real risk vs. paperwork, and the ability to escalate to the right audience quickly.

  • Strong interest in Cryptocurrency, Blockchain, Fintech, or Finance/Trading — you follow the space, understand why it's a uniquely hostile threat environment, and want to defend it.

  • Proficient in English communication skill.

What’s in it for you:

  • MacBook or high-end laptop for working.

  • Full coverage of social insurance.

  • Premium health care for you and your family members.

  • Full 100% salary during probationary period.

  • Working in a professional, friendly, well-equipped workspace with both foreigners and Vietnamese.

  • Extensive on job training; will always having chances to work with new emerging technologies.

  • Friendly and fun start-up work culture.

Find out more about Coinhako here https://www.coinhako.com/ and don't forget to visit our Careers Page https://www.coinhako.com/join-us

By submitting your application to us, you consent to the collection, use, disclosure and processing of your personal data in accordance with our privacy policy, which is accessible at https://www.coinhako.com/legal/sg-1/privacy_policy.

Ready to apply to Coinhako?
Apply to Coinhako

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free