Security Engineer, Infra & Operations - Singapore

About Plaud Inc.

Plaud is building the world's most trusted AI work companion for professionals to elevate productivity and performance through note-taking solutions, loved by over 1,500,000 users worldwide since 2023. With a mission to amplify human intelligence, Plaud is building the next-generation intelligence infrastructure and interfaces to capture, extract, and utilize what you say, hear, see, and think.

Plaud Inc. is a Delaware-incorporated, San Francisco-based company pushing the boundary of human–AI intelligence through a hardware–software combination. With ISO 27001, ISO 27701, GDPR, SOC 2, HIPAA, and EN 18031 compliance, Plaud is committed to the highest standards of data security and privacy protection.

To learn more about Plaud, please visit https://www.plaud.ai and follow along on Instagram https://www.instagram.com/plaud_official/, X https://twitter.com/PLAUDAI, Facebook https://www.facebook.com/plaudai, Linkedin https://www.linkedin.com/company/plaudai/?viewAsMember=true, and YouTube https://www.youtube.com/@PLAUDAI

Why You Should Join Us

Plaud is building the next generation intelligence infrastructure and interfaces to capture, extract, and utilize intelligence from what people say, hear, see, and think.

• Plaud is a bootstrapped, skyrocketing, profitable company with a $250M revenue run rate achieved in just three years.
• Define the next-gen paradigm for human-AI interaction.
• Gain exposure to cutting-edge AI for Pro tools and play a direct role in our global expansion.
• Work with passionate teammates who value innovation, collaboration, and customer success.
• Grow your career in a culture that champions continuous learning and fast career development.
• Market-competitive compensation, global exposure, and a vibrant, creativity-fueled work atmosphere.

What you will do

You will own both the detection & response layer and the cloud infrastructure security foundation at Plaud — two domains that must operate in lockstep to deliver SOC 2 Type II audit readiness by Q4 2026.

• Cloud & Infrastructure Security — Remediate credential exposure across AWS/GCP production environments, deploy and tune CSPM across all accounts, embed IaC security gates (Checkov/Terraform) into CI/CD, and implement Zero Standing Privileges via JIT/CIEM.
• SIEM Build & Detection Engineering — Deploy the SIEM platform and author 30+ MITRE ATT&CK-mapped detection rules spanning cloud telemetry, endpoint, and SaaS — with ongoing tuning to reduce false positives and maintain coverage fidelity.
• Incident Response — Own the IR lifecycle end-to-end: develop playbooks across a minimum of 4 incident categories, lead cross-functional response for P1/P2 events, and drive MTTD to ≤60 minutes.
• SOC 2 TII Operational Evidence — Produce and maintain the continuous evidence package required for audit — log retention, alert records, control review cadences, and written control narratives for Cloud Security and SecOps domains.
• Security Reporting & Risk Governance — Publish monthly security reports to leadership, deliver H1 risk governance reports, and maintain vulnerability SLA compliance ≥90% with clear remediation tracking.

Skills, qualifications and experience we look for

• 5+ years of hands-on security engineering experience with demonstrable depth in at least one of: cloud security (AWS/GCP, CSPM, IAM, IaC) or security operations (SIEM, IR, SOAR, detection engineering) — and working fluency in the other.
• Proven ability to build security infrastructure from zero: tool selection, baseline configuration, and policy definition without inheriting a mature program or existing runbook.
• Strong working knowledge of MITRE ATT&CK, CIS Benchmarks (L1/L2), cloud-native security tooling (AWS Security Hub, GCP SCC, or equivalent CSPM), and log source integration across cloud and endpoint layers.
• Familiarity with SOC 2 TII control requirements — specifically CC6 (logical access), CC7 (monitoring & detection), and the operational evidence standards expected by a third-party auditor.
• Routinely uses LLMs as part of daily security workflow — alert summarization, detection rule generation, SOAR playbook drafting, or IaC policy automation. Will demo last-2-weeks AI usage during interview.

What we offer

• Meaningful Ownership An Employee Stock Ownership Plan (ESOP) that gives a real stake in Plaud’s long-term success.
• High-Impact Environment Work in a fast-moving, product-driven environment where your ideas directly shape the future of AI productivity.
• Cutting-Edge AI Tools for Productivity Access to best-in-class AI tools, including Cursor, GPT models, Gemini, Claude, and other frontier AI systems to maximize engineering and execution efficiency.
• Best-in-Class Equipment Choice of top-spec laptops, high-performance workstation setups, and cutting-edge Plaud devices for all new hires.
• Team & Culture Annual company offsites, team events, and a culture that values craftsmanship, ownership, and velocity.
• Medical & Insurance Coverage Comprehensive benefits to protect our employees' financial security, physical health, and longterm growth. Medical insurance and WICA coverage for all full-time employees.