Security Engineer (Infrastructure Architect / 3+ Years Experience)

About the Team You Will JoinThe Security Infrastructure team is dedicated to designing security architectures that ensure the safe expansion of Toss's business, implementing and automating these architectures in real-world environments.This team covers cloud, network, and endpoint security, directly designing and implementing security policies and controls based on key infrastructure.We select technology stacks, create log architectures, and access control models, building a structure that defends against actual threats rather than merely implementing security for security's sake.Our team consists of members with diverse experiences, primarily from corporate information security roles and specialized information protection companies.We are looking for individuals who start with the question of “Why?” to improve security structures and design safer, more efficient methods while balancing technology and business needs.Responsibilities You Will UndertakeDevelop and manage information security solutions that protect Toss's services and employee environments.Establish and operate an access control system for internal information systems.Build a network separation environment and information leak response systems in accordance with financial compliance.Plan and operate systems to enhance security visibility and access control systems.Conduct modern threat analysis and incorporate global trends while establishing AI-based detection and analysis systems and real-time response strategies.Additional ResponsibilitiesDesign, build, and operate infrastructure security architectures across cloud (AWS/GCP/Azure) and on-premises/hybrid environments, covering networks, servers, databases, and containers. You may focus on either cloud or network based on your strengths.Design and reliably implement core security policies like IAM, network segmentation, access control, and encryption (KMS) in real environments.Structure repetitive security operations based on IaC and automation while collaborating with other teams to establish actionable security standards.Analyze security events and breach incidents to design and fundamentally improve security structure, policies, and automation.Ideal CandidateWe are searching for individuals with over 3 years of relevant experience.You should have experience dealing with infrastructure across cloud, network, and systems, not limited to one area.Experience in enhancing detection and response systems using security solutions like CSPM/CNAPP, SIEM, EDR, WAF, and KMS is essential.Experience in designing or improving operational efficiency through security automation and IaC with tools like Terraform/CloudFormation, Ansible, and Python is required.You should have experience interpreting and integrating security requirements in financial and regulatory environments (ISMS-P, ISO27001, PCI-DSS).

Have you ever wondered when you can truly engage in hands-on work? Join us now.- As a Security Engineer, you'll have the chance to work with real infrastructure from the start, going beyond operations to consider structural design and automation.- Even if you lack practical experience, if you have a solid foundation, you can achieve rapid growth and success alongside the best teammates!# Please Confirm Before Applying- It's completely fine if you don't have hands-on experience. If you have a willingness to learn and a desire to grow your career, we encourage you to apply.- Be sure to include the three mandatory items listed in your resume.- The candidates who succeed in this hiring process will be working within the Security Infrastructure team.# About the Team You'll Join- The Security Infrastructure team designs security architecture to ensure that Toss’s business can expand safely, applying and automating it in real environments.- We handle a broad spectrum including cloud, network, and endpoint, designing and implementing security policies and control frameworks based on key infrastructures.- We select technology stacks and create log architectures and access control models, building a structure that defends against real threats rather than just 'security for the sake of security'.- Our team members come from diverse backgrounds, most having experience in corporate information security roles and specialized information security firms.- We're looking for individuals who start with the question “why?” to improve security structures and design safer, more efficient methods while balancing technology and business.# Your Responsibilities Upon Joining- Operate security solutions across networks, endpoints, and systems while gaining hands-on experience in real infrastructure environments.- Engage directly with issues by conducting security configuration checks, log analysis, and responding to incidents.- Improve repetitive tasks and enhance operational efficiency by utilizing automation tools and AI.- Collaborate with seasoned colleagues, gaining practical experience and creating a rapid learning curve together.# We Want to Work with Someone Who- Has a relevant major such as Information Security or Computer Engineering, or has a solid foundation through equivalent learning.- Can explain the operating principles of infrastructure components like networks, servers, and operating systems.- Has experience in automation or small development projects through API integration and scripting.- Goes beyond mere task execution to understand structures and attempts improvements for personal growth.- Has invested time in activities such as security projects, challenges, or community engagement to grow as a security engineer.# Required Information for Your Resume- Detail your experiences where you’ve actively engaged in security or infrastructure. If you have links such as Notion or GitHub that showcase your work, please include those.- Write about experiences where you learned and applied specific technologies. Focus on what sparked your curiosity, what challenges you faced, what actions you took, and what you learned.- It's fine if the results weren't perfect; it's sufficient to highlight difficulties you encountered, points you felt were failures, and what you would change if you were to try again.# The Journey to Joining Toss- Document submission > Technical interview > Cultural fit interview > Reference check > Compensation negotiation > Final offer and onboarding.# A Message for Future Colleagues> "You can enjoy working as a Security Engineer in an environment where innovative technologies are applied, and grow together!"- The Security Infrastructure Team is dedicated to identifying security threats to our assets, reducing risks, and designing control structures based on threat levels. Throughout this process, we strive to balance security and productivity. We implement controls using technology while making rational decisions.- Our team is filled with colleagues who ponder difficult problems together and seek solutions. The supportive environment where we acknowledge and encourage each other's efforts is truly wonderful. If you join our team, I am confident we can help each other create better security solutions!

Security Engineers at daangn focus on protecting infrastructure and keeping user data safe. This position centers on finding vulnerabilities through penetration testing and setting up strong security protocols across our systems. Role overview This role involves hands-on work with infrastructure security in Seoul. The main responsibility is to identify and assess security risks, then act to address those issues. Attention to detail and a methodical approach are important, as your work directly impacts the safety of our platform. What you will do Conduct penetration tests to uncover vulnerabilities in our infrastructure Implement and maintain security protocols to meet high standards Support ongoing efforts to protect user data and system integrity Requirements Experience with infrastructure security and penetration testing Ability to identify, analyze, and address security vulnerabilities Commitment to maintaining strong security practices

About the Team You'll Join The Network Security Engineer at Toss Securities is part of the Network Engineering Team, collaborating closely with Network Engineers and IDC Managers. You will work alongside top talents from diverse sectors including finance, commerce, portals, and gaming, focusing on building and supporting secure networks for both external and internal clients. Our goal is to provide robust support for product development, enabling rapid deployment by enhancing our infrastructure to handle large-scale traffic and pushing for automation. Your Responsibilities Upon Joining As a Network Security Engineer, you will be responsible for security devices in the network area, including firewalls, DDoS protection, and VPNs to safeguard Toss Securities' clients and teams. You will perform regular preventive maintenance to ensure the stable operation of security equipment. Management and improvement of Toss Securities' security device monitoring solutions will be part of your role. You will build and operate network security devices, providing security-based technology within the data center. Ideal Candidate Profile A degree in Information Security, Computer Engineering, Information Communication, or a related field is required. A solid understanding of networks and security devices is essential. High proficiency in TCP/IP protocols and experience in packet analysis for troubleshooting are preferred. Experience with security system API integration or work automation is a plus. Prior experience in security training or practical security work is advantageous. Resume Recommendations Please describe a memorable technical issue you resolved (optimization, bug fixes, etc.). Detail projects you contributed to, focusing on your role, technology stack used, and improvements made. The Journey to Joining Toss Securities Application submission > Job interview > Cultural fit interview > Reference check > Salary negotiation > Final acceptance and onboarding. Important Notes False information in your resume or disciplinary issues in your work history may result in cancellation of your application. Applicants who fall under hiring restrictions per Toss Securities policies may also have their applications canceled. Individuals with disabilities or veterans are prioritized according to relevant laws. A Message for Future Colleagues The Network Security Engineer at Toss Securities creates and manages a secure and robust network structure both on-premises and in the cloud. This role goes beyond equipment management; it involves understanding service flows and traffic to continuously innovate better structures. The position requires proactive identification of potential threats and developing solutions. Our team takes initiative to investigate issues, identify root causes, and suggest efficient solutions swiftly, respecting each other's opinions while collaboratively ensuring the stability of financial services. We strive to continuously create improved methods rather than sticking to established practices.

Join Our Team!The Internal Infrastructure Engineer at Toss CX is a vital member of the General Affairs Team, responsible for establishing and implementing optimal internal infrastructure strategies that align with the rapid expansion of our business.This role transcends basic IT support, as you will enhance our network and security systems based on financial security guidelines, ensuring a safe and engaging work environment for all team members.Your Responsibilities:Design and Stabilize Internal IT Infrastructure: Create a scalable internal network and server infrastructure that matches Toss CX's business direction and organizational size, ensuring reliable operations.Manage Office Network and Security Infrastructure: Optimize and maintain the overall office network architecture, including L2/L3 switches and access points. Implement and manage cutting-edge security solutions like Zscaler, NAC, and WIPS to uphold a zero-trust work environment.Enhance IT Governance and Environment: Lead IT projects to establish an account management system based on Okta and Active Directory, standardizing internal infrastructure and maximizing work efficiency.

Join our dynamic team where innovation meets collaboration.About the TeamAs a System Engineer at Toss Securities, you will be part of the System Engineering Team alongside InfraOps Engineers.You will be responsible for building and supporting systems for external and internal clients, managing our IDC, and collaborating with exceptional team members from various sectors including finance, commerce, portals, and gaming.We focus on enabling product teams to concentrate solely on their products by building robust infrastructure capable of handling large-scale traffic and driving automation for faster product releases.Your ResponsibilitiesManage and support infrastructure for Toss Securities including servers, OS, SAN, storage, and backup systems.Allocate server equipment for new services and integrate them with existing services.Operate and manage our IDC and public cloud infrastructure.Who We're Looking ForExperience with system engineering and operations based on Linux OS for less than 5 years.Ability to collaborate with developers using scripting languages (Shell, Python, Perl, Ruby, etc.) for infrastructure management.Strong handling of Linux systems and good business understanding of services is preferred.Experience in building and operating system automation deployment solutions is a plus.Resume RecommendationsPlease detail two memorable cases of technical problem-solving (optimization, error fixing, etc.).Provide detailed descriptions of projects you've contributed to (project duration, your role, technology stack used, improvements made, etc.).List the versions of the OS and major solutions you have worked with.Application Journey at Toss SecuritiesApplication submission > Job interview > Cultural fit interview > Reference check > Negotiation > Final acceptance and onboardingAdditional InformationIf any false information is found in your resume or any disciplinary actions in your employment history are confirmed, your application may be canceled.

Join Our Team!As a Data Engineer specializing in Kafka & Streaming, you will be part of the Real-Time Data team within Toss Bank's Data Division.This team manages a variety of real-time data platforms, including Kafka, Flink, CDC, Kafka Connect, and ClickHouse.Your mission will be to ensure the reliability and scalability of the enterprise data infrastructure, enabling safe and efficient data collection and processing.Your ResponsibilitiesManage a Kafka Broker Cluster for high-volume message processing, including server MSA, service events, and client logs.Identify and resolve root causes of communication issues between Kafka Clients and Brokers in a Spring Boot environment.Develop real-time data applications to maintain stable Active-Active redundancy of Kafka Brokers.We Are Looking ForA candidate with a strong background in JVM-based programming languages and a deep understanding of them.Solid knowledge of operating systems, networks, data structures, and algorithms is essential.Experience utilizing Kafka Clients in a Spring Boot environment is highly desirable.Experience operating Kafka Brokers is a plus; however, understanding distributed systems is also acceptable.Resume RecommendationsPlease detail impactful projects you've worked on, especially those involving Spring Boot and Kafka.Express your deep understanding of distributed systems and storage solutions.Focus on the learning journey you undertook while creating your deliverables rather than just the final results.Your Journey with Toss BankApplication > Technical Interview > Cultural Fit Interview > Reference Check > Offer Negotiation > Final Acceptance and Onboarding.Important NoteAny falsehoods in your application materials or disciplinary history during your employment may result in the cancellation of your application.

Join Our Innovative TeamThe Machine Learning Engineer (Infra) will be part of the ML Platform Team within the Product Division at Toss Securities.The primary goal of the ML Platform Team is to create an optimal machine learning platform that enables the efficient and stable development and operation of various AI/ML services at Toss Securities.The ML Engineer (Infra) will focus on maximizing the efficiency of large-scale AI infrastructure, finely controlling resource usage, and enhancing infrastructure performance to its peak. Your Responsibilities Design and operate high-performance AI computing environments reliably.Design and operate top-of-the-line GPU clusters (H100, B300 series) connected via InfiniBand and high-performance storage (400Gbps) within a Kubernetes environment.Beyond merely building infrastructure, optimize networks and storage to extract the full potential of hardware performance. Develop a comprehensive control system for the entire AI infrastructure.Create an observability system to integrate and monitor AI resources distributed across internal infrastructure and external cloud.Implement management features to prevent resource monopolization by specific services and allocate resources precisely based on importance. Create automation tools for the most efficient resource usage.Analyze actual usage patterns to develop tools that recommend 'just-right resources' to avoid waste.Implement features that automatically scale up or down based on real-time model performance or error rates, and reallocate GPUs where necessary. Establish an environment for identifying and resolving model performance bottlenecks.Build profiling environments to accurately pinpoint slowdowns during model training or serving.Support the analysis and improvement of performance degradation causes between hardware and software. Who We Are Looking ForYou have experience building and operating Kubernetes-based ML infrastructures that handle large-scale traffic.You take responsibility for reliably operating live services beyond simple development.You have experience persistently analyzing and debugging to resolve root causes when issues arise.You possess a solid understanding of system resources (GPU/CPU/Memory/Network/Storage) and have experience building monitoring systems for them.You value the process of solving various problems that arise during service operations and strengthening the system. Preferred QualificationsExperience in unified monitoring of resource usage in large-scale clusters.Experience building systems to systematically control resources through Quota and Rate Limits.Experience with open-source platforms like Kubeflow or Kubernetes, including in-depth modifications as needed.Experience analyzing and optimizing bottlenecks at the kernel level using tools like Nsight Systems/Compute or PyTorch Profiler.Experience designing tasks to reduce costs or enhance performance tailored to workload characteristics (Rightsizing, Cost Optimization).Experience leveraging GPU virtualization technologies like MIG and MPS to maximize resource utilization.

About the Team You Will Join The Internal System Engineer position at Toss Securities is responsible for managing in-house infrastructure and IT support, collaborating closely with IT Managers and Internal Network/System Engineers. You will design both wired and wireless networks for the headquarters and remote locations, while integrating user-centric security technologies to create a seamless work environment. Your role will focus on enhancing internal infrastructure and operational efficiency, allowing Toss Securities colleagues to concentrate on their work. Your Responsibilities Upon Joining Establish and operate in-house VDI/HCI/virtualization infrastructure. Oversee the deployment and management of the Horizon VDI environment. Build and manage the necessary servers and HCI infrastructure. Streamline repetitive tasks through automation and scripting solutions. We Are Looking for Someone Who Has experience in building and managing servers based on Windows and Linux. Is capable of establishing and operating hypervisor environments such as VMware and Docker. Can manage VMware Horizon-based VDI environments. Possesses experience in setting up and operating various infrastructure services such as DNS, DHCP, AD, and SMB. Has basic knowledge of NAC, VPN, and DLP technologies. Has experience in establishing and managing monitoring tools like Prometheus, Grafana, and Zabbix. Is proficient in automation development using Python, PowerShell, and Ansible. Journey to Joining Toss Securities Application > Job Interview > Cultural Fit Interview > Reference Check > Salary Negotiation > Final Acceptance and Onboarding Please Note If any false information is found in the resume or if disciplinary actions are confirmed during employment, the recruitment may be canceled. Applicants who fall under the hiring restrictions or disqualifying reasons according to Toss Securities regulations may have their applications canceled. Individuals with disabilities or who are veterans will be given preferential treatment according to relevant laws. A Word for Future Colleagues> "You can experience everything as a System Engineer." - I joined Toss Securities after working as a System Engineer in a mobile service company with large traffic. In my previous role, I managed numerous platforms, but at Toss Securities, I realized I had a superficial understanding of infrastructure operations. Here, I closely collaborate with various departments and gain a comprehensive understanding of the overall architecture. I recommend Toss Securities for System Engineers who are eager to learn, passionate about their work, and seeking the best environment for a career quantum leap!

About the Team You'll Join The Security Division at Toss Securities is composed of the Security Policy Team, Security Engineering Team, Security Audit Team, and IT Innovation Team, with the Security Engineering Team focusing on technical security tasks. The security team receives comprehensive support across the organization to ensure the safety of Toss Securities services and collaborates closely with all departments. Each team member actively engages with peers in similar roles across subsidiaries, sharing knowledge and experiences to achieve common goals. The team comprises members with diverse experience levels ranging from 1 to 20 years, many of whom have backgrounds in information security firms and corporate information security roles. This year, the Security Engineering Team aims to enhance its information security management system to achieve international recognition and strengthen its capabilities in SOAR, ZTNA, and Cloud/Container security. Your Responsibilities You will identify potential security threats, data leakage risks, and compliance violations across endpoint environments and work to mitigate these issues. Analyze conflicts between security requirements and actual workflows, implementing solutions that balance security and user experience. Address endpoint security issues by analyzing root causes and implementing improvements to prevent recurrence. Manage to maintain consistent endpoint security standards throughout the device lifecycle. Design and automate policy-based control logic to evaluate endpoint status, user context, device posture, and the policy settings of security solutions to determine access permissions. Integrate endpoint security controls with IAM and access control to enhance the overall security framework. Who We're Looking For Experience in designing and customizing detection rules, blocking policies, and monitoring logic based on potential security threats in endpoint environments. Experience in designing and implementing technical solutions such as policy exceptions, temporary authorizations, and selective monitoring to ensure security controls do not hinder actual workflows. Experience in investigating endpoint security issues through log analysis, process tracing, and filesystem investigation at the Windows and macOS levels to identify root causes and establish preventive measures. Experience in designing and managing systems to maintain consistency in security standards throughout the entire lifecycle of devices, from provisioning to disposal. Ability to implement a Policy Decision Point that determines access permissions based on endpoint status information collected via security solution APIs, with experience in Python/Go, OPA, or AI/MCP-based tools being a plus. Experience in integrating security context collected from endpoints (such as device compliance and threat detection results) with IAM, network, and application layer access controls via SCIM, Webhook, and API would be advantageous. Your Pathway to Joining Toss Securities Application Submission > Job Interview > Cultural Fit Interview > Reference Check > Negotiation of Terms > Final Acceptance and Onboarding Additional Information Employment may be rescinded if false information is found in the resume or if any disciplinary actions are confirmed during employment history. Individuals who are prohibited from employment under Toss Securities regulations or have disqualifying factors may have their applications canceled. Individuals with disabilities and veterans will receive preferential treatment in accordance with relevant laws. A Note for Potential Colleagues We value innovation, collaboration, and a passion for security in our team. Join us to make a significant impact in the world of cybersecurity!

About the Team You Will Join The Security Division at Toss Bank comprises multiple teams including Security Policy, Privacy Protection, System Security, Network Security, Security Red Team, Security Blue Team, IT Service, and Security Audit. The Security Engineer (Endpoint Security) will work within the Security Division to manage various tasks aimed at protecting endpoints from external threats, particularly as part of the System Security Team. The Security Division collaborates with various teams to create secure and reliable services, and the System Security Team works closely with product organizations, Legal & Compliance, Platform Engineering, and Internal Audit to ensure security and regulatory compliance. We are dedicated to providing a secure environment for electronic financial transactions and to seamlessly integrating security into the daily operations of our users. Key Responsibilities Operate security solutions to protect Toss Bank's customers. Build, manage, and operate endpoint security solutions including Antivirus (AV), Data Loss Prevention (DLP), Network Access Control (NAC), and Endpoint Privilege Management (EPM). Ensure stable operation of endpoint security solutions and quickly resolve operational issues. Establish endpoint security policies for Windows and Mac OS and engage in proactive information security activities. Analyze events through endpoint security solutions and conduct threat response activities. Desired Qualifications A minimum of 5 years of experience in operating endpoint security solutions. Deep understanding of PC and server operating systems. Familiarity with basic networking and architecture concepts. Strong understanding of the operational principles and policies of endpoint security solutions. Experience with open-source endpoint security solutions and automation of security solutions is a plus. Application Instructions Please include detailed descriptions of your responsibilities and specific examples in your resume, as simple project lists may not be sufficient. We recommend submitting a portfolio along with your resume. Highlight your experiences and knowledge relevant to the job area in your application. In your portfolio, please document your studies or practical experiences in security technology and your level of understanding. Join Us at Toss Bank Application Submission > Job Interview > Cultural Fit Interview > Reference Check > Compensation Discussion > Final Acceptance and Onboarding Please Note Any discovery of false information in your resume or disciplinary actions during your employment history may result in cancellation of your application.

Welcome to the Daangn Team!At Daangn, we strive to create an environment where individuals can grow alongside the company's success.We are here to assist you in reaching that moment of joy while working with wonderful colleagues. Introducing the Security TeamThe Security Team aims to ensure that Daangn provides services securely. We defend against external attacks and prevent the leakage of valuable internal information. All our activities comply with various information protection laws and regulations. By understanding Daangn's business model, we provide clear standards that are implemented technically. Through these efforts, we create a reliable service that users can trust.Key ResponsibilitiesAssess and improve security risks in AI/ML-based service environments.Audit and manage access controls and security configurations for AI service components, including training data, model files, APIs, and infrastructure.Monitor and respond to security issues in LLM and generative AI environments, such as prompt injection and data leaks.Analyze AI service logs to detect anomalies, investigate security events, and resolve issues.Conduct security vulnerability assessments and actions during model deployment and operation.Establish and continuously improve security guidelines and policies.We Seek Candidates Who:Have experience in vulnerability assessments, penetration testing, or incident response.Are familiar with LLMs and understand the operational mechanisms of prompt-based services.Have a foundational understanding of cloud architecture (IAM, networking, storage) in platforms like AWS, GCP, or Azure.Possess basic knowledge of AI/ML or LLM service structures.Have experience in log analysis and root cause identification.Are proactive in addressing security issues, focusing on improvements rather than just reporting.Preferred Qualifications:Understanding of ML pipelines (data collection → training → deployment → monitoring).Experience with container environments such as Docker and Kubernetes.Have at least one year of experience in security, cloud, backend, or ML engineering.Have experience in improving repetitive tasks through security automation or scripting.Regularly learn about and share new AI security issues or trends.Additional InformationThere is a 3-month probation period for full-time hires.As per the Employment Promotion and Vocational Rehabilitation of Persons with Disabilities Act and the Act on the Honorable Treatment and Support of Veterans, individuals with disabilities and veterans will receive preferential hiring.

About the Role tosscareers is hiring an Infrastructure Automation Engineer in Seoul. This role focuses on building and maintaining automated systems that improve the efficiency and reliability of IT services. The position involves hands-on work designing, implementing, and supporting infrastructure automation. What You Will Do Design automated solutions for managing infrastructure Implement and maintain automation tools and workflows Support the stability and scalability of IT services through automation Who We’re Looking For Experience or strong interest in cloud technologies Familiarity with automation tools and systems Motivated to improve IT operations through automation

#LI-DNI Join Our Dynamic Security Team! As a Security Engineer at Tosscareers, you will be part of the Information & Security Tribe, handling technical operations within the Security Purple Team and Security Green Team. The Security Purple Team is a hybrid of Red and Blue teams, focusing on event analysis, incident response, vulnerability assessments, penetration testing, and scenario-based threat modeling. We prioritize customer safety and collaborate closely with all teams to enhance Toss's security measures. Your Responsibilities Will Include: Designing, building, and operating SIEM (Splunk, Opensearch, Elasticsearch). Creating robust architectures for secure log collection across various environments (On-Prem, AWS, K8S). Ensuring stable operation and enhancement of log pipelines (NIFI, KAFKA, Hadoop). Establishing and managing logging/monitoring systems for performance optimization and incident response of the Security Data Platform (SIEM). Designing and normalizing standard models for various logs to improve log analysis efficiency. We Are Looking For Candidates Who: Have experience in designing and building scalable and optimized SIEM systems. Can identify and resolve issues in log collection, data loading, search, and query building processes. Have worked with heterogeneous security log pipelines in On-Prem and AWS environments (ETL, ELT). Have standardized various forms of security logs (OCSF, CIM, etc.) for easier analysis. Have automated tasks using Python scripting. Resume Tips: Detail specific examples of your work, particularly your roles in projects, the technologies used, and improvements made before and after. Explain any challenges faced during problem-solving and how you addressed them. If you have diverse problem-solving experiences (technical, managerial), provide concrete examples. Include specific cases where you applied learned technical skills to your work.

Join Our Team!As a UX Researcher at Toss Securities, you will delve into the essence of investment experiences, collaborating with users to enhance their investment journeys. You will be at the forefront of defining the future of investing, interpreting every moment of a trader's experience.Our UX Researcher is an integral part of the UX Research Team.The UX Research Team collaborates closely with all teams needing user insights, particularly the product organization and the Strategy Team.We focus on uncovering impactful insights through essential research rather than mere reporting or sharing.Your ResponsibilitiesDrive improvements across various Toss Securities products, grounded in an understanding of the securities industry and user needs.Engage with a diverse range of users of our securities services, suggesting product directions and identifying areas for enhancement.Conduct user experience research using appropriate methodologies such as User Testing (UT), In-depth Interviews, Focus Group Interviews (FGI), and surveys.We Are Looking ForIndividuals with hands-on experience in enhancing user experiences for digital products or substantial knowledge and experience in digital product contexts.Proficiency in selecting optimal research methodologies based on situational needs, with the ability to effectively share research findings to guide product direction.A strong desire to learn and challenge oneself in new endeavors.Excellent communication skills to derive and persuade UX decision-making foundations.Journey to Joining Toss SecuritiesApplication Submission > Job Interview > Cultural Fit Interview > Reference Check > Compensation Negotiation > Final Offer & OnboardingPlease NoteThis position allows applications without a portfolio. We encourage individuals who may have felt burdened by portfolio creation to apply freely.When applying, please provide specific details about practical projects where you personally designed and conducted user experience research. Research projects or side projects may not be suitable examples.Highlight your process from problem definition, hypothesis setting, research design and validation, to deriving results, explaining how you set goals and conducted research. Sharing lessons learned in detail is encouraged.The job interview will involve in-depth discussions based on two examples you select, independent of portfolio submission. Be aware that you may need to prepare separate presentation materials later.If false information is discovered in your resume or submitted documents, or if disciplinary issues are confirmed during your employment history, employment may be canceled.Individuals who are prohibited from employment or have disqualifying factors according to Toss Securities policies may have their applications canceled.Individuals with disabilities and those recognized as national veterans are preferred according to relevant laws.Colleague's InsightWe listen carefully to every user's voice to create the best user experience.All users of our securities services are investors. Therefore, it is crucial to integrate diverse perspectives and habits regarding investments into the Toss Securities user experience.We are looking for someone who can consider users' financial contexts and usage scenarios from multiple angles to help make Toss Securities the premier investment product.

Team and Collaboration The Security team at Toss brings together a range of professionals: CISO, Security Engineers, Security Researchers, Information Security Managers, Privacy Managers, and IT Managers. This group works closely with the Infra team, product development silos, Legal, and Compliance to build secure services for Toss. Members also connect with security peers across subsidiaries, sharing knowledge and collaborating on specialized areas. Working here means helping to build and improve security systems that support Toss in delivering reliable services. What You Will Do Design and operate AWS cloud security architecture, managing cloud security infrastructure such as CSPM and CWPP. Set up detection and response systems using logs, and automate security policies with IaC tools like Terraform. Manage IDS/IPS, WAF, and DDoS protection systems, addressing network vulnerabilities proactively. Design and refine detection policies through traffic and packet analysis, including regular expressions. Collect and respond to security events using SIEM/SOAR, and operate endpoint solutions like EDR and DLP to strengthen organizational security. Lead security design at the service architecture level and support technical compliance requirements. Requirements At least 5 years of experience as an in-house Security Engineer. Hands-on experience building and operating security systems in AWS cloud environments. Background in constructing and managing network security solutions (IDS/IPS, WAF) and capability in traffic and packet analysis, including optimizing detection policies. Experience with SIEM for event correlation analysis and developing threat hunting and response playbooks is preferred. Familiarity with endpoint security solutions such as EDR, AV, and DLP, as well as handling malware responses and configurations, is a plus. Technical experience with security certifications and financial regulations (ISO27001, PCI-DSS, ISMS-P) is advantageous. Resume Tips Describe previous roles with clear examples, emphasizing project contributions, technology stacks, and measurable improvements. Share how you approached and solved challenges, including your thought process. Include experiences where you identified and responded to security threats or resolved technical and managerial issues. Highlight specific cases where you learned and applied new security technologies or addressed emerging threats. Hiring Process Application Job Interview Cultural Fit Interview Reference Check Compensation Negotiation Final Offer and Onboarding Voices from the Team "I enjoy working with exceptional colleagues." One team member who joined after serving as the sole security officer at a previous company shared how building Toss's security infrastructure alongside the team has brought stability and a stronger security posture. This collaborative environment has become a source of pride as the team secures valuable assets together. Toss encourages setting personal goals every half-year, empowering team members to take ownership and collaborate with accomplished peers.

About the Team You Will JoinThe Security Division of Toss Bank consists of various teams including Security Policy, Privacy Protection, System Security, Network Security, Security Red Team, Security Blue Team, IT Service, and Security Audit teams.The Network Security Engineer at Toss Bank will be responsible for the implementation and management of internal and external firewall systems, along with various tasks related to network security, including the operation of DDoS, IPS, and WAF systems.The Security Division collaborates with multiple teams to create a safe and reliable service for Toss Bank. The Network Security Team particularly works closely with product groups, and Legal & Compliance, Platform Engineering, and Internal Audit teams to ensure compliance and internal controls.Toss Bank's Security Division is committed to securing electronic financial transactions for clients and providing a safe working environment for employees.Responsibilities You Will HaveManage and improve network security solutions (FW, DDoS, IDS/IPS, WAF, Suricata) to protect services and employee work environments.Monitor and respond to network attacks and anomalies in real-time, continuously reviewing, tuning, and optimizing detection policies and rules.Design stable network security architecture and lead the construction and enhancement of new systems.Enhance operational efficiency through automation, creating an environment where security personnel can focus on strategic tasks.Ideal Candidate ProfileExperience in building and operating network security solutions (FW, DDoS, IDS/IPS, WAF, Suricata).Ability to analyze network security events/logs and experience in understanding and responding to various attacks.A deeper understanding of enterprise security infrastructure beyond simple equipment operations, focusing on policy, permissions, assets, and risk-based operations.Experience or fundamental understanding of network security architecture design, as well as experience in network troubleshooting and packet analysis (e.g., using Wireshark).Please Include the Following in Your ResumeRather than listing projects, we recommend detailing your roles, contributions, and results with specific examples.If you have experience designing network security architecture, detecting/blocking intrusions through pattern/signature analysis, or participating in drills, please mention them.Especially if you have detailed experiences in building/operating network security solutions or troubleshooting, please describe them thoroughly.

About the Team You'll JoinThe Network Security Engineer at Toss Securities is part of the Network Engineering Team, collaborating closely with Network Engineers and IDC Managers.We work with top talents across various sectors, including finance, commerce, portals, and gaming, to establish and support secure networks for both external and internal customers.Our goal is to ensure that our teams can focus on product development by building robust infrastructure capable of supporting the largest retail securities firm in the market, driving automation for faster product launches. Your ResponsibilitiesAs a Network Security Engineer, you will manage security devices such as firewalls and VPNs to protect our customers and teams.Maintain a reliable, high-availability network that operates 24/7, continuously improving its resilience.Collaborate on the design and implementation of networks that interact with applications and servers.Build and operate network security devices, providing security foundation technologies within the data center. Who We Are Looking ForA minimum of 5 years of experience in building and operating network security devices.Experience in analyzing, optimizing, and maintaining firewall policies is essential.Strong understanding of TCP/IP protocols with packet analysis experience for troubleshooting.Experience with API integration of network security devices or scripting for automation is a plus.Familiarity with financial information protection regulations and experience in related implementations is advantageous.Experience designing and building security network architectures optimized for high traffic is highly desirable.Experience in public cloud environments (AWS, GCP, Azure) is a strong plus. Resume RecommendationsPlease describe a memorable technical issue you resolved (optimization, bug fix, etc.).Detail your contributions to projects, including your role, technologies used, and outcomes before and after the project. Journey to Joining Toss SecuritiesApplication submission > Technical interview > Cultural fit interview > Reference check > Salary negotiation > Final acceptance and onboarding. Please NoteAny inaccuracies in your resume or disciplinary history during employment may result in cancellation of the hiring process.Candidates identified as ineligible according to Toss Securities' regulations may have their applications canceled.Persons with disabilities and veterans will be given preference in accordance with applicable laws.

Role Overview Toss Careers is hiring a Systems Engineer to strengthen our backup infrastructure in Seoul. This position focuses on building, maintaining, and improving backup systems that protect critical data and support business continuity. What You Will Do Design, implement, and maintain backup solutions to safeguard company data Work with teams across the company to troubleshoot and resolve backup-related issues Monitor and optimize backup system performance Identify areas for improvement and help refine backup processes over time Location This role is based in Seoul.

Join the Frontend Chapter at Toss Securities!We are developing mobile and desktop products using modern web technologies, including services for Android and iOS app web views and back-office operations.Our goal is to provide a sleek investment experience that makes complex investment products accessible to everyone while leveraging optimal engineering techniques to display real-time data seamlessly.About the TeamCollaborate with Platform Designers to define what constitutes an excellent UX for Toss Securities services.Assist designers in creating high-quality UX designs and develop tools that simplify implementation for developers.Your ResponsibilitiesDevelop and maintain the design system utilized in Toss Securities services.Establish principles and structures that ensure the design system provides consistent and scalable interfaces.Define UX rules such as responsive design, keyboard usability, and loading experiences to ensure comfortable use across all environments.Create a “Design Linter” that allows designers to receive suggestions for improved UX directly in design editor tools.