Job Overview
Location
Singapore
Job Type
Full-time
Category
Security Engineer
Date Posted
May 16, 2026
Full Job Description
đź“‹ Description
- • Own and execute security initiatives across one or more critical domains: cloud & infrastructure security, data security, application & AI security, hardware & firmware security, security operations, or enterprise IT security.
- • Secure Plaud’s AWS and GCP cloud environments by remediating credential exposure, deploying Cloud Security Posture Management (CSPM), embedding Infrastructure-as-Code (IaC) security gates using Checkov and Terraform within CI/CD pipelines, and implementing Zero Standing Privileges via Just-in-Time (JIT) access and Cloud Identity Entitlement Management (CIEM).
- • Design and implement a data protection framework including L1-L5 classification for audio, transcription, and PII data; map end-to-end data flows; enforce Write-Once-Read-Many (WORM) access audit logs; and govern permissions across Snowflake and other databases.
- • Own the secure software development lifecycle (SDLC) by integrating SAST and DAST tools into CI/CD workflows; defend against Prompt Injection and other LLM-specific threats aligned with the OWASP LLM Top 10; and conduct mandatory security reviews prior to product releases.
- • Validate Plaud’s Sigma hardware against EN 18031 standards by owning Secure Boot implementation, dual-key signing for OTA updates, PKI lifecycle management, HBOM+CVE supply chain scanning, and Product Security Incident Response Team (PSIRT) operations.
- • Build, maintain, and operate a SIEM platform with over 30 MITRE ATT&CK-mapped detection rules; establish and refine incident response (IR) playbooks; track and improve MTTD and MTTR metrics; and deliver monthly security reports to executive leadership.
- • Drive 100% endpoint detection and response (EDR) and mobile device management (MDM) coverage across global teams; roll out Okta SSO and SCIM integration across the SaaS application stack; and co-develop a measurable security awareness program with the IT team.
- • Build security controls from scratch in a fast-paced, bootstrapped environment with no pre-existing framework — independently scope initiatives, select appropriate tools, and deliver outcomes without oversight.
- • Apply cross-domain awareness to understand how cloud, data, application, hardware, and operational security layers interconnect — and translate technical risks into clear business impact for engineering and leadership teams.
- • Leverage AI tools (LLM-assisted triage, automated CSPM, AI-driven code analysis) to enhance security efficiency — or demonstrate strong curiosity and willingness to adopt such tools in your workflow.
- • Maintain alignment with key compliance and security frameworks including NIST CSF, CIS Benchmarks, OWASP, OWASP LLM Top 10, MITRE ATT&CK, SOC 2, ISO 27001, ISO 27701, GDPR, PIPL, and EN 18031.
- • Contribute to Plaud’s mission of building next-generation human-AI intelligence infrastructure by ensuring security and privacy are foundational to every product and system.
🎯 Requirements
- • 5+ years of hands-on security engineering experience with deep expertise in at least one domain: cloud security (AWS/GCP, CSPM, IAM), data security (classification, DLP, audit logging), application/AI security (SAST, DAST, LLM/Prompt Injection), hardware/firmware security (embedded systems, PKI, EN 18031), security operations (SIEM, IR, SOAR), or enterprise IT security (EDR, MDM, IdP/SSO)
- • Proven ability to build security controls from zero in a fast-moving environment — scoping work, selecting tools, and delivering independently without a pre-existing framework
- • Cross-domain awareness: ability to reason about interdependencies between cloud, data, product, hardware, and operational security, and communicate risk clearly to engineering and leadership
- • Familiarity with relevant standards and frameworks: NIST CSF, CIS Benchmarks, OWASP / OWASP LLM Top 10, MITRE ATT&CK, SOC 2, ISO 27001, EN 18031, GDPR/PIPL
- • Experience using AI tools (LLM-assisted triage, automated CSPM, AI coding tools) to amplify security output — or genuine curiosity to adopt them in your workflow
- • Must be based in Singapore or willing to relocate there
🏖️ Benefits
- • Meaningful Ownership through an Employee Stock Ownership Plan (ESOP) that provides real equity stake in Plaud’s long-term success
- • High-Impact Environment working in a fast-moving, product-driven company where your contributions directly shape the future of AI productivity
- • Cutting-Edge AI Tools for Productivity with access to best-in-class AI systems including Cursor, GPT models, Gemini, and Claude
- • Best-in-Class Equipment including choice of top-spec laptops, high-performance workstations, and Plaud devices for all new hires
- • Medical & Insurance Coverage with comprehensive medical insurance and WICA coverage for all full-time employees
- • Team & Culture including annual company offsites, team events, and a culture that values craftsmanship, ownership, and velocity
Skills & Technologies
AWS
GCP
Terraform
Senior
Onsite
About PLAUD AI INC.
PLAUD AI INC. builds AI-powered voice and note-taking hardware. Its flagship Plaud Note records phone calls and meetings, transcribes them in real time, and generates summaries using GPT-4o. The credit-card-sized device attaches to iPhone or Android, stores encrypted audio locally or in the cloud, and integrates with Notion, Slack, and Google Docs. Founded in 2023 and based in San Francisco, the company sells direct to consumers and enterprises through plaud.ai, offering subscription plans for advanced AI features and multi-language support.
Get more remote jobs like this
Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.
Newsletter
Weekly remote jobs and featured talent.
No spam. Only curated remote roles and product updates. You can unsubscribe anytime.
