Senior Information Security Engineer

Taipei /
KKCompany – Engineering /
Asia’s leading technology group, KKCompany Technologies (KKCompany), is a leader in software services. Our mission is to build “Freeways to Inspiration” and help industries achieve digital transformation. By creating technology highways with partners, we deliver our services around the world and drive value creation through future technology.

In addition to our flagship brands KKBOX, KKStream, and Going Cloud, our core technologies cover various fields such as music streaming, multimedia, and cloud services. Through a range of products and services, we help customers create commercial value. We also offer software services and solutions to over tens of millions of customers with corporate clients across Asia covering various industries such as telecommunications, entertainment and multimedia, media, education, and fitness centers.

We have over 500 employees across offices in Tokyo, Singapore, Taipei, Kaohsiung, and Hong Kong.


    • Security issue management
    • Discover security vulnerabilities
    • Conduct regular security assessments
    • Internal security education training program
    • Integrate security tools with CI/CD pipelines
    • Design security related policies and guidelines
    • Design or review security related workflow and SOP
    • Review digital infrastructure and information systems
    • Cooperate with IT and service operation team to secure our services
    • Analyze, assess, and respond to various information security incidents and risks
    • Design countermeasures, mitigations, and containment of information security incidents


    • Excellent communication skills
    • Excellent English reading and good English writing
    • Familiarity with one BSD or GNU/Linux OS distributions
    • Knowledge and skills of penetration testing tools or vulnerability scanner
    • Knowledge of CDN, DNS, HTTP, VPN, TCP/IP, TLS, OSI model and REST API
    • Experience in cloud computing
    • Experience in using container technology like: Docker
    • Experience in using version control system like: Git
    • Experience in software development or system administration
    • Experience with an interpreted language (PHP , Python, Ruby, or Shell Script)
    • Familiarity with issue tracking / project management tools like: GitLab, Trac or Jira
    • B.S or M.S degree in Computer Science, Security related field, or equivalent practical experience

Nice to have:

    • Ability to interpret basic SQL queries
    • Ability to discuss, explain and summarize complex, technical topics
    • Contributions to the security or open source community
    • Experience in IT or IT security
    • Experience in monitoring and alerting tools
    • Experience in Privileged Account Management
    • Experience in MDM solutions like Microsoft Intune or Jamf
    • Experience in network management, firewall, IDS/IPS or SIEM
    • Experience in OpenLDAP, Microsoft AD or Azure AD management
    • Experience in using various open source tools and technologies to solve problems
    • Familiarity with secure coding practices
    • Familiarity with OWASP top ten web application security risks
    • CCSP, CISSP, CHFI, CND, CEH, CEH Practical or OSCP certification
    • Knowledge and skills of SAST, DAST tools
    • Knowledge about security frameworks like ISO 27000 series, PCI-DSS, NIST CSF