IT Infrastructure and Security Manager
Posted about 21 hours ago
Who we are
Intrepid Asia is a leading e-commerce and Digital Solutions Provider in Southeast Asia. We offer end-to-end omni-channel ecommerce management, Livestreaming, Video production & Affiliate Management for Social Commerce, plus full funnel Digital Marketing Services and advanced Market Intelligence, all powered by state of the art in-house Technology to our client base of leading international brands across all key marketplaces and social platforms in all 6 SEA countries. Brands love our regional presence, our excellent data-driven and growth-focused services, which are enabled by the strongest team in the industry, and our advanced marketing and tech capabilities.
We are growing rapidly and as the exclusive partner of Flywheel in SEA, we offer many exciting opportunities to work with leading brands across multiple categories and key industry players. By joining us, you will work on the cutting edge of digital and social commerce in SEA, and experience what it takes to drive a successful e-commerce business end-to-end.
The team you will be part of
Technology at Intrepid is a strategic pillar — not a support function. Our Tech team has been operating since 2017 and has built the platforms, tools, and infrastructure that power our services across 6 SEA markets. As we scale, we need the same rigour applied to our internal IT operations and security posture that we apply to our client-facing products.
You will report to the CTO and lead a distributed team of 7 IT Support Engineers based across our offices in Vietnam, Indonesia, Thailand, Malaysia, the Philippines, and Singapore. You will be the senior point of accountability for everything IT infrastructure and security — from end-user computing to brand security compliance — while our DevOps team retains ownership of cloud infrastructure and deployment pipelines.
The part you will play
As IT Infrastructure & Security Manager, you will own two complementary pillars: keeping Intrepid’s internal IT operations running reliably across 6 countries, and ensuring our security and compliance posture meets the expectations of the leading international brands we work with.
On the infrastructure side, you will manage the end-user device fleet, office networking, identity and access management, productivity tooling including AI tools, and IT service delivery across all markets. On the security side, you will own brand-facing security questionnaires, internal risk assessments, security policy, endpoint and application security tooling, and compliance documentation. Cloud infrastructure security (Kubernetes, DevOps pipelines, cloud-native controls) remains with the DevOps team; you will collaborate with them on cross-cutting concerns such as IAM, SSO, and audit logging.
This is a senior, high-ownership role. You will set the standard for IT operations and security across the organisation, build the team’s capability across markets, and be the primary contact for security matters with brand partners and auditors.
As IT Infrastructure & Security Manager, you will take charge of
IT Infrastructure & End-User Computing
- Own and operate the end-user computing environment across 6 countries: desktop and laptop fleet (Mac and Windows), mobile device management, hardware and software procurement, asset tracking, and lifecycle management.
- Manage office networking infrastructure across all Intrepid locations — LAN/WAN, Wi-Fi, VPN, and firewall configuration — ensuring reliable, secure connectivity for all staff.
- Own identity and access management: Microsoft AD , SSO configuration, MFA enforcement, and onboarding/offboarding workflows across all systems.
- Manage productivity and collaboration tooling — Google Workspace, Microsoft 365, Slack, including licensing, admin configuration, and user support escalations.
- Define and enforce IT procurement standards: approved hardware specifications, software licensing compliance, and vendor management for IT services.
- Own the IT service management process: ensure the helpdesk function delivers consistent, high-quality support to all staff across markets, with clear SLAs and escalation paths.
People Management — Country IT Support Team
- Lead, manage, and develop a team of 7 IT Support Engineers distributed across Vietnam, Indonesia, Thailand, Malaysia, the Philippines, and Singapore.
- Set clear performance expectations, conduct regular 1:1s, and run quarterly reviews for each team member — holding the team to a consistent service and quality standard regardless of country.
- Build team capability: identify skill gaps, plan training, and develop IT engineers towards greater autonomy and seniority over time.
- Act as the escalation point for complex or cross-country IT issues that the country IT engineers cannot resolve independently.
- Coordinate rotas and coverage to ensure IT support continuity across time zones and during leave periods.
- Foster a cohesive, high-performing team culture across a geographically distributed group — using async communication norms, regular team syncs, and shared playbooks.
IT Security & Endpoint Protection
- Own endpoint security across the device fleet: EDR deployment and management (e.g. Sophos or equivalent), patch management cadence, antivirus, and device encryption.
- Implement and maintain Data Loss Prevention (DLP) controls to protect sensitive client and business data across endpoints and collaboration tools.
- Configure and manage email security controls: anti-phishing, anti-spam, and email gateway policies.
- Run security awareness training and phishing simulation programmes for all staff across markets.
- Manage application security at the access layer: enforce least-privilege access, review access rights quarterly, and own the joiner-mover-leaver process end-to-end.
- Collaborate with the DevOps team on cross-cutting security controls: SSO integration, audit log pipelines, and IAM governance — with clear ownership boundaries agreed upfront.
Security & Compliance — Brand Questionnaires
- Own end-to-end responses to vendor and brand security assessments — SIG, CAIQ, and bespoke enterprise questionnaires from brand partners across all 6 SEA markets.
- Build and maintain a reusable, versioned response library so questionnaire turnaround time reduces over time as the library matures.
- Work cross-functionally with operations, engineering, and product stakeholders to gather evidence and translate technical controls into clear, accurate answers for non-technical audiences.
- Track all open questionnaires, manage deadlines, and ensure timely, accurate submissions that accurately represent Intrepid’s security posture.
Internal Security Assessments & Risk Management
- Conduct periodic internal risk assessments — identify gaps against ISO 27001, and OWASP, and produce prioritised remediation plans with owners and timelines.
- Run web application and infrastructure vulnerability assessments on internal and external-facing systems; triage findings with the relevant engineering or IT owners.
- Maintain and test the incident response plan — define roles, runbooks, and escalation paths; run tabletop exercises at least twice per year.
- Produce a regular security posture report for the CTO covering open risks, remediation progress, key metrics, and emerging threats relevant to Intrepid’s environment.
Security Documentation & Policy
- Author and maintain the full suite of IT and security policies: acceptable use, access control, data classification, incident response, BYOD, remote working, and vendor risk management.
- Produce and maintain compliance evidence packs: data flow diagrams, asset inventories, control matrices, and audit trails required for brand reviews and future certification work.
- Ensure policies are practical, communicated to staff, and embedded in onboarding processes with partnership with country HR — not just documents that sit in a folder.
- Support any future ISO 27001 certification initiatives by building the evidence and process foundations now.
Requirements
What we are looking for — the ideal profile
Technical Skills — Must Have
- 8+ years in IT infrastructure, IT operations, or a combined IT/security management role, with at least 2 years in a people management position.
- Proven experience managing a distributed, multi-country IT support team — setting standards, developing engineers, and delivering consistent service quality across geographies.
- Solid hands-on grounding in end-user computing: device management (Jamf, Intune, or equivalent), identity and access (Microsoft AD, SSO, MFA), and office networking.
- Experience owning or significantly contributing to security questionnaire responses (SIG, CAIQ, or equivalent) for enterprise or brand clients.
- Working knowledge of endpoint security: EDR platforms, patch management, DLP, email security controls, and security awareness programmes.
- Familiarity with at least one security or compliance framework: ISO 27001, NIST CSF, SOC 2, or PDPA/data protection legislation relevant to SEA markets.
- Strong project management skills: can run multiple workstreams in parallel, manage stakeholders across countries, and deliver to deadlines without close supervision.
- Business-level written and spoken English — essential for brand-facing questionnaire responses and regional team communication.
Technical Skills — Nice to Have
- Experience with vulnerability assessment tooling (Nmap, Tenable, Burp Suite, OWASP ZAP) and interpreting and communicating findings to non-technical stakeholders.
- Familiarity with SIEM platforms (Wazuh, Microsoft Sentinel, ELK, or similar) for security monitoring and alerting.
- Exposure to scripting or automation (PowerShell, Python, or Bash) for IT operations tasks.
- Security certification: CompTIA Security+, CISSP, CISM, ISO 27001 Lead Implementer, or equivalent.
- Prior experience in an e-commerce, SaaS, or regional tech company operating across multiple SEA markets.
Leadership & Soft Skills
- People-first manager: genuinely invested in developing the IT engineers on the team; gives clear feedback, creates growth opportunities, and holds the team to high standards with empathy.
- Strong communicator: adapts style and depth for IT engineers, non-technical business stakeholders, and brand security teams — equally comfortable in a technical debrief and an executive summary.
- Regional mindset: experienced working across cultures and time zones; understands that managing a distributed team requires deliberate effort on communication norms, async tools, and inclusion.
- Ownership and accountability: takes end-to-end responsibility for IT operations and security outcomes across the region — does not wait to be asked.
- Pragmatic risk prioritisation: makes sensible trade-offs between security rigour and operational velocity; security as an enabler, not a blocker.
- Structured and documentation-driven: naturally produces clear written outputs — policies, reports, runbooks — and holds the team to the same standard.
Benefits
In return, you will be getting
- A senior, high-ownership role with direct reporting to the CTO — you will set the IT and security standard for the entire organisation across 6 SEA countries.
- A team of 7 country IT support engineers to lead and develop — real people management scope with the opportunity to build a high-performing regional IT function.
- Exposure to a fast-scaling, multi-market technology environment with real brand relationships and genuine security accountability.
- A collaborative, entrepreneurial culture where your ideas get heard and good initiatives get implemented — this role has significant scope to build the IT and security governance to the global standards.
We also offer
Best of Both Worlds
We are a scale-up: the sophistication of a small multinational, with the agility of a start-up. This means you get to work on cutting-edge projects, and besides your standard job description, we love to see you show entrepreneurial initiative and want to see your take on how you can take your role and our company to the next level. Good ideas get implemented. You are the master of your own destiny.
Culture that Brings Out the Best
At Intrepid, culture is not just a buzzword — it is what we practice at work every day. We believe in collaboration over competition, transparency over politics, and willingness to learn over ego. You will be part of a team where people genuinely support one another, celebrate wins together, and face challenges head-on as one. We put our all into the work, but we balance it with fun, whether that is through team lunches, after-work hangouts, events or shared laughter in the office. This is a place where you can thrive professionally while having a great time.
Grow Without Limits
Learning at Intrepid is constant and dynamic. You will have access to formal training through face-to-face sessions, coaching, and our very own Intrepid Academy. On top of that, real-world experience such as leading clients, working with advanced tech, and mastering best-in-class processes will accelerate your growth every step of the way. Surrounded by a talented team that raises the bar daily, in a rapidly growing and ever-expanding business, the opportunities for your development are endless.
Rewarding You Right
We believe great work deserves great rewards at Intrepid. That's why we offer competitive compensation and generous benefits, including comprehensive insurance and ample leave, to support you both in and out of the workplace. We want you to feel valued, cared for, and empowered to bring your best self to work every day.
Note: We will not be accepting any unsolicited resumes or CVs from headhunting or recruitment agencies at this point. Any CVs or profiles shared with us will not be entertained, and in the event of dispute, Intrepid will not be liable for any material compensation to third parties.
#LI-VD1
Other open roles at Intrepid Asia(6)
Intrepid is a leading regional ecommerce and digital solutions provider across Southeast Asia, helping brands win online through omni-channel, social commerce & data-driven marketing.
Key team members

Mukesh Singh

Christopher B. Beselin

Pierre F.

Aditi Thakur
Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.