PH - Security Operations Associate

Working at Thinking Machines

Thinking Machines is a technology consultancy building AI & data platforms to solve high impact problems for our client. Our vision is for Southeast Asia to become a global hub for data science. To do that, we create data cultures, one organization at a time.

We’re a company made up of intellectually curious, civic-minded, forever-learning individuals. We believe that great data science products are built with care for people, and that the best way to drive inclusive innovation is to start with a diverse team.

Our field of work is incredibly dynamic, so we want to work with people who are committed to growing with us. We want to hire people who can demonstrate an ability to learn, then provide them with personalized coaching, growth opportunities, and a great working environment to get them to world-class.

Role Description

Thinking Machines is growing fast and so is our need for organizing, maintaining, and securing our digital infrastructure. As a Security Operations Associate, you’ll be responsible for end-to-end security, ensuring our systems stay secure and operational. You’ll play a key role in maintaining our security posture and keeping threats at bay. Reporting directly to the Associate Director of Operations, you will also be expected to coordinate closely with the internal security team and vendors to ensure compliance with security policies, standards, and best practices.

Your Core Responsibilities Include

• Leading security efforts for incident prevention, detection, and response
• Setting up and configuring preventive internal security controls
• Installing and maintaining automated tools to aid in monitoring and protection
• Being an active part of the incident response team in case of any alerts
• Designing, implementing, and reviewing security processes, and ensuring compliance with industry standards
• Collaborating with cross-functional teams to develop and implement robust security processes
• Ensuring our security practices comply with industry standards and best practices (CIS, NIST, ISO, GDPR, etc.)
• Establishing, communicating, and enforcing security policies
• Upholding the culture of regularly disseminating informative materials to keep the employees up to date with the latest security advisories and initiatives
• Addressing questions, concerns, and clarifications from the employees about various security policies and best practices
• Coordinating with security-related third parties
• Working with security consultants and other vendors who assist with threat detection, provide security training, and evaluate and make recommendations to our security posture
• Liaising with our internal project teams and the IT personnel of Thinking Machines’ enterprise clients
• Coordinating with client IT personnel to fulfill infrastructure requirements in compliance with relevant security policies
• Collaborating with Thinking Machines’ internal project teams to help develop secure project architectures in the cloud
• Administering Thinking Machines’ internal stack of tools
• Overseeing internal platforms and infrastructure
• Managing standard procedures and supporting the audit of our security posture for platforms such as Slack, GitHub, Google, and Microsoft ecosystems, along with their various integrations
• Assisting in the rollout of new software across the company
• Managing access for various platforms and internal systems in accordance with security policies
• Providing other security-related support for the employees
• Manage a set of service desks for support requests in collaboration with our IT Operations Associate

Requirements

We Are Looking For Someone Who Has

• 2+ years of experience in system administration and security operations (i.e., incident response and vulnerability assessment)
• Proficiency with Unix systems
• Experience managing at least one cloud platform, such as Google Cloud Platform (GCP), Microsoft Azure, or Amazon Web Services (AWS)
• Basic programming or scripting skills using any language
• Exceptional troubleshooting skills for solving uncommon problems (mastery of Google-fu a plus)
• Strong external communication skills — clearly conveys security protocols to stakeholders in a way that helps them understand, appreciate, and support these measures
• High attention to detail and excellent organizational skills – meticulously tracks tasks, spots inconsistencies, and maintains structured workflows
• Security-focused mindset – prioritizes protection of systems and data by proactively identifying risks and vulnerabilities, and staying updated on the latest threats and best practices
  
  

High Preference For Candidates With

• Experience in people management
• Quick learning agility – capable of learning new tools and frameworks on the fly
• Relevant certifications like CISSP, CCSP, CISM, etc.
• Knowledge of security standards such as CIS, NIST, ISO, GDPR, etc.
  
  

Benefits and Perks

We Offer The Following Compensation And Benefits

• Competitive salary — the compensation amount is positively correlated with the difficulty of the job, relevant experience, fit, and skill factors.
• Hybrid Set-Up — Hybrid-remote means employees are required to come in an average of two days a week for client engagements and internal in-person days intended for collaboration, socials, and strategic planning.
• Individual professional development budget — an annual budget for conferences, training courses, books, and software is available to sharpen your skills and build new ones to help you grow in your role.
• Full health benefits — generous health insurance package upon hiring, with options to include dependents.
• Apprenticeship and yearly performance reviews with the leadership team to discuss career and personal goals, job progress and any questions and concerns.