We are looking for a hands-on Cybersecurity Engineer to support and strengthen the security of our digital platforms, including booking systems, CRM, cloud infrastructure, and customer data systems.
This role will focus on practical implementation, monitoring, and improvement of security controls, working closely with internal teams and external vendors.
Key Responsibilities
Security Monitoring & Incident Response
- Monitor systems and applications for security threats
- Investigate alerts and respond to incidents
- Perform basic log analysis and threat detection
Application & Web Security
- Identify vulnerabilities in web platforms (e.g. booking systems, APIs)
- Perform basic vulnerability scanning (e.g. OWASP Top 10)
- Work with vendors to resolve security issues
Cloud & System Security
- Support security of cloud systems (e.g. AWS, hosting environment)
- Manage user access, permissions, and MFA
- Ensure systems follow security best practices
Compliance & Security Practices
- Support PCI-DSS and PDPA-related requirements
- Assist in documentation of security policies and SOPs
- Conduct basic security checks and audits
Internal Security Support
- Support endpoint security (laptops, email security, phishing awareness)
- Assist users with security-related issues
- Promote security best practices across teams
Vendor & Integration Support
- Work with vendors (Tourix, CRM, payment providers) on security matters
- Ensure secure handling of APIs and data exchange
- Follow up on vulnerabilities and fixes
Requirements Experience
- 2-5 years in IT security / cybersecurity / system administration
- Experience in web systems, cloud, or IT infrastructure
- Fresh grads with strong internship experience can be considered (lower range)
Technical Skills (Practical Focus)
Basic understanding of:
- Web security (OWASP)
- Cloud environments (AWS preferred)
- Network & endpoint security
- Access control (MFA, user roles)
Familiar with tools like:
- vulnerability scanners
- endpoint protection
- log monitoring tools
Certifications (Nice to Have)
- Security+, CEH, or similar (not mandatory)
Soft Skills
- Hands-on and willing to learn
- Able to work with non-technical teams
- Practical problem solver (not just theoretical)
What We're Looking For (Important Positioning)
We are looking for someone who is:
- Practical and hands-on (not purely theoretical)
- Comfortable working in an SME environment
- Able to work with vendors and internal teams
- Interested in growing into a broader security / platform role
Growth Opportunity
- Exposure to enterprise systems (ERP, CRM, AI platforms)
- Opportunity to grow into Security Lead / Platform Security role
- Involvement in digital transformation initiatives
