Job Overview
Location
Singapore
Job Type
Full-time
Category
Security Engineer
Date Posted
May 16, 2026
Full Job Description
đź“‹ Description
- • Own end-to-end cloud and infrastructure security for Plaud’s AWS/GCP production environments, including remediation of credential exposures, deployment and tuning of CSPM across all accounts, and embedding IaC security gates (Checkov/Terraform) into CI/CD pipelines.
- • Implement Zero Standing Privileges through Just-in-Time (JIT) access and Cloud Infrastructure Entitlement Management (CIEM) to minimize attack surfaces across cloud resources.
- • Design, deploy, and operationalize a SIEM platform from scratch, authoring 30+ detection rules mapped to MITRE ATT&CK framework spanning cloud telemetry, endpoint, and SaaS data sources, with continuous tuning to reduce false positives and maintain detection fidelity.
- • Lead incident response lifecycle for P1/P2 security events, owning the development of minimum four incident playbooks and coordinating cross-functional response teams to achieve MTTD of ≤60 minutes.
- • Produce and maintain continuous operational evidence for SOC 2 Type II audit readiness by Q4 2026, including log retention policies, alert records, control review cadences, and written control narratives for Cloud Security and SecOps domains.
- • Publish monthly security performance reports to leadership and deliver H1 risk governance reports with clear remediation tracking to ensure vulnerability SLA compliance of ≥90%.
- • Define and enforce security policies aligned with CIS Benchmarks (L1/L2), ISO 27001, ISO 27701, GDPR, SOC 2, HIPAA, and EN 18031 compliance requirements.
- • Integrate and correlate log sources across cloud environments, endpoints, and SaaS applications to ensure comprehensive visibility and detection coverage.
- • Leverage LLMs daily as part of core security workflows — including summarizing alerts, generating detection rules, drafting SOAR playbooks, and automating IaC policy checks — with ability to demonstrate recent AI usage during interview.
- • Operate independently to build security infrastructure from zero, selecting tools, defining baselines, and establishing policies without relying on inherited systems or legacy runbooks.
- • Maintain rigorous documentation standards for all security controls, audit trails, and compliance artifacts to ensure passable third-party audits and regulatory readiness.
- • Collaborate with engineering, product, and operations teams to embed security into development lifecycles and promote a culture of shared ownership for infrastructure safety.
- • Stay current with evolving threat landscapes and adapt detection methodologies to counter emerging attack vectors targeting AI-powered productivity platforms.
🎯 Requirements
- • 5+ years of hands-on security engineering experience with demonstrable depth in at least one of: cloud security (AWS/GCP, CSPM, IAM, IaC) or security operations (SIEM, IR, SOAR, detection engineering) — and working fluency in the other.
- • Proven ability to build security infrastructure from zero: tool selection, baseline configuration, and policy definition without inheriting a mature program or existing runbook.
- • Strong working knowledge of MITRE ATT&CK, CIS Benchmarks (L1/L2), cloud-native security tooling (AWS Security Hub, GCP SCC, or equivalent CSPM), and log source integration across cloud and endpoint layers.
- • Familiarity with SOC 2 Type II control requirements — specifically CC6 (logical access), CC7 (monitoring & detection), and the operational evidence standards expected by a third-party auditor.
- • Routinely uses LLMs as part of daily security workflow — alert summarization, detection rule generation, SOAR playbook drafting, or IaC policy automation — and will demo last-2-weeks AI usage during interview.
🏖️ Benefits
- • Meaningful Ownership through an Employee Stock Ownership Plan (ESOP) that gives a real stake in Plaud’s long-term success.
- • Access to best-in-class AI tools, including Cursor, GPT models, Gemini, Claude, and other frontier AI systems to maximize engineering and execution efficiency.
- • Best-in-Class Equipment — choice of top-spec laptops, high-performance workstation setups, and cutting-edge Plaud devices for all new hires.
- • Comprehensive Medical & Insurance Coverage including medical insurance and WICA coverage for all full-time employees.
- • Annual company offsites and team events within a culture that values craftsmanship, ownership, and velocity.
- • High-Impact Environment working in a fast-moving, product-driven company where ideas directly shape the future of AI productivity.
Skills & Technologies
AWS
GCP
Terraform
Onsite
About PLAUD AI INC.
PLAUD AI INC. builds AI-powered voice and note-taking hardware. Its flagship Plaud Note records phone calls and meetings, transcribes them in real time, and generates summaries using GPT-4o. The credit-card-sized device attaches to iPhone or Android, stores encrypted audio locally or in the cloud, and integrates with Notion, Slack, and Google Docs. Founded in 2023 and based in San Francisco, the company sells direct to consumers and enterprises through plaud.ai, offering subscription plans for advanced AI features and multi-language support.
Get more remote jobs like this
Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.
Newsletter
Weekly remote jobs and featured talent.
No spam. Only curated remote roles and product updates. You can unsubscribe anytime.
