Helicap is a Singapore-based FinTech firm connecting global investors to private debt opportunities in Southeast Asia. The company’s mission is to bridge a USD400 billion financing gap underserved by traditional financial institutions and deploy capital to 300 million underbanked individuals through 1,000 originators across the region. Helicap’s equity backers include Malaysia's leading independent investment bank Kenanga Investment Bank Berhad (“Kenanga Group”), Japanese financial services firm Credit Saison, Temasek-backed alternative investment firm Tikehau Capital, Phillip Capital, and leading venture firms such as East Ventures, Access Ventures, Voveo Capital, and Singapore’s Soilbuild Group Holdings.
Over the last seven years, Helicap has raised over USD15 million in paid-up capital through its regulated subsidiaries and deployed more than USD600 million in capital using proprietary data analytics. Leveraging this capability, the group has indirectly supported more than 5 million MSMEs and individuals. Its collaboration with Temasek Trust on Southeast Asia's first Financial Inclusion Report demonstrates its commitment to building an impactful, sustainable, and ethical financial ecosystem. Since its inception, the Helicap group has built exclusive networks with hundreds of platform partners, reaching more than 200 million potential borrowers across the region.
Run — Day-to-day operations
● Administer Google Workspace, Jumpcloud (including MDM), Ironscales, Cloudflare Zero Trust, Slack, GitHub, and Dropbox
● Own end-to-end employee lifecycle: onboarding, access provisioning across all platforms, offboarding, and deprovisioning — integrated with BrioHR
● Maintain the IT asset inventory and endpoint management programme
● Handle IT support and issue resolution for a primarily non-technical team
Build — Programme and tooling
● Design and document a formal onboarding/offboarding process with automated access controls triggered from BrioHR
● Implement and manage endpoint detection and response across the device fleet
● Build and maintain a vendor registry with associated risk assessments
● Govern cloud and developer access in AWS and GitHub — IAM roles, access reviews, CloudTrail monitoring
● Identify, evaluate, and integrate tooling gaps across the security stack
● Own Helicap's MAS TRM compliance artefacts: access reviews, risk assessments, incident logs, and audit trail documentation
● Develop and maintain security policies, runbooks, and employee security guidelines
Your First 90 Days
Days 1–30: Audit current access, tooling, and endpoints across all platforms. Document the as-is state. Map gaps against MAS TRM requirements.
Days 31–60: Formalise the onboarding and offboarding process with BrioHR–Jumpcloud integration. Validate endpoint coverage and MDM policy enforcement. Stand up the vendor registry.
Days 61–90: Close priority findings from the tech audit. Establish a recurring cadence for access reviews and security reporting to leadership.
Tools You'll Work With
Current stack
● Identity, access & MDM: Jumpcloud
● Email security: Ironscales
● Collaboration & file storage: Google Workspace, Slack, Dropbox
● Network access: Cloudflare Zero Trust
● Cloud infrastructure: AWS
● HR: BrioHR
● CRM: HubSpot
● Code & project management: GitHub, Linear
Gaps to evaluate and fill — your call on tooling
● Endpoint detection & response (EDR) — e.g. CrowdStrike, SentinelOne, Microsoft Defender
● IT ticketing / ITSM — e.g. Freshservice, Jira Service Management
● Privileged access management (PAM) — for elevated AWS and GitHub access
● Security awareness training — e.g. KnowBe4
● SIEM / log aggregation — e.g. Datadog Security, Elastic SIEM
● Data loss prevention (DLP) — across Google Workspace, Slack, and Dropbox
● Password manager — e.g. 1Password, Bitwarden
What We Offer
● Remote-first with flexibility across Singapore, India, and Malaysia
● Direct ownership of Helicap's IT and security function from day one
● A small, technical team that trusts you to make the right calls
● 4–7 years of IT operations and/or security engineering experience, ideally at an SME or startup where you were the sole or lead IT function
● Hands-on experience with identity and access management platforms (Jumpcloud, Okta, Azure AD, or equivalent)
● Google Workspace and Slack administration
● Experience governing cloud access in AWS — IAM, CloudTrail, Security Hub
● Familiarity with zero-trust network access (Cloudflare Zero Trust or equivalent)
● Working knowledge of MAS TRM guidelines or a comparable fintech/financial services compliance framework
● Experience building or owning vendor risk management and IT asset tracking programmes
● Scripting or automation skills (Python, Bash, or similar) for provisioning workflows and tooling integration
● Strong documentation habits — you write runbooks, not tribal knowledge
● Comfortable making independent tooling recommendations and owning implementation end-to-end
Interested candidates can send their resumes to hiring@heli-cap.com with the subject title “IT_Security_Operations_ Engineer_FirstName_LastName”.
We are also open to hearing from IT managed service providers, consultancies, or staffing agencies who can deliver this capability — whether as a direct placement or a managed service. If that's you, reach out with details of how you would approach the scope above.