Platform Security Engineer

The ASUS Robotics & AI Center is seeking a Platform Security Engineer to join our global research and development team. This role is central to establishing and maintaining the security posture of our cloud-based platform, spanning application hardening, infrastructure security, and the practices that keep our systems secure as they scale.

We are looking for an experienced engineer with deep expertise in application and cloud security, a proactive mindset for identifying and mitigating risk, and the ability to work effectively across a collaborative, multidisciplinary engineering team. The ideal candidate is a seasoned, self-directed professional who can own security architecture end-to-end while guiding others toward secure development practices.

• Own application and infrastructure security across the platform, from production launch through long-term scaling.
• Harden authentication (OAuth/session handling) and API authorization patterns, including multi-tenant access control.
• Configure and maintain IAM policies, service accounts, and least-privilege access controls across cloud infrastructure.
• Secure data flows including file uploads, signed URLs, database access, and secrets management.
• Set up and maintain security monitoring, logging, and alerting systems.
• Build and maintain security tooling integrated into CI/CD pipelines, including SAST, DAST, and dependency scanning.
• Perform regular security assessments, dependency audits, and penetration testing.
• Respond to security incidents and conduct root cause analysis.
• Evolve security architecture as the product and team scale.
• Guide the engineering team on secure development practices and document security controls and incident response procedures.

Requirements

• Bachelor's degree or higher in computer science, information security, or a related field.
• 7+ years of experience in application or infrastructure security roles.
• Proven experience securing production web applications, preferably in Node.js/Next.js environments.
• Deep familiarity with cloud security on GCP or equivalent platforms, including IAM, VPC, IAP, Secret Manager, and Cloud Armor.
• Strong understanding of OAuth, session security, and multi-tenant authorization patterns.
• Experience with security scanning tools (SAST, DAST, dependency scanning) and integrating them into CI/CD workflows.
• Experience with Terraform security hardening.
• Strong verbal and written communication skills, including the ability to document security controls and guide non-security engineers.
• Penetration testing experience is a plus.