Teach Lead - Cloud Platform Engineering

About us:

MatchMove is a profitable Singapore-based fintech company and one of Asia's leading Banking-as-a-Service (BaaS) providers, enabling businesses to embed financial services directly into their digital ecosystems. Operating its proprietary, secure, and regulated Banking Wallet OS™ platform across Asia and beyond, MatchMove empowers enterprises to issue accounts, cards, payments, loans, and other financial products seamlessly within their own platforms.

The company is experiencing double-digit year-on-year growth and processes billions of transactions each year, underscoring its scale, resilience, and trust among partners and users. Recognized with multiple industry awards including the Frost & Sullivan's 2025 Singapore Enabling Technology Leadership Recognition for Excellence in Embedded Finance Innovation. MatchMove has been celebrated for driving innovation across a wide range of embedded finance use cases.

By partnering with leading local banks and ecosystem players, MatchMove bridges the gap between traditional banking and modern digital commerce. Its mission is to deliver innovative, secure, and inclusive financial technology solutions that drive digital transformation for businesses while empowering millions of end users across the region.

With a strong commitment to innovation, regulatory excellence, and sustainable growth, MatchMove continues to pioneer new approaches to embedded finance, redefining how businesses and consumers access and interact with financial services in Asia and beyond.

Are You The One

You treat infrastructure as a product, not a ticketing queue. You are a hands-on technical leader who doesn't measure success by how many fire emergencies you put out, but by how seamlessly application teams can provision, deploy, observe, and secure their own workloads through robust golden paths you build.

You are a seasoned infrastructure leader who excels at building self-serve cloud platforms, possesses deep networking and Kubernetes expertise, and thrives under the rigid compliance needs of a multi-market payments estate. You lead a small, high-performing team by example, setting a pristine standard for code, automation, and platform engineering.

Responsibilities

• Productize the Platform: Set the technical strategy and roadmap for the internal cloud platform. Treat internal application and domain teams as customers with real SLAs, feedback loops, and self-serve developer portals (e.g., Backstage).
• Architect Production Networking: Own the end-to-end connectivity architecture across five markets, managing VPC/multi-account topologies, Transit Gateway, Direct Connect, VPN, BGP route propagation, DNS failover, and carrier-diverse pathing to eradicate single points of failure.
• Manage a Mixed Estate: Oversee both Kubernetes and non-Kubernetes workloads (EC2 and bare-metal environments) used for latency-sensitive components like card authorization paths, ISO 8583 processing, and HSM key management.
• Drive Resilience & Automated Remediation: Establish cross-region and cross-AZ resilience architecture to hit strict RTO/RPO targets. Run regular chaos drills, backup/restore validations, and build event-driven, agentic remediation systems to automatically triage and heal common incidents before humans are paged.
• Enforce Security & Compliance by Default: Bake policy-as-code and zero-trust security into the infrastructure fabric. Ensure immutable audit logging to generate hands-free evidence for MAS-TRM, PCI DSS, ISO 27001, and SOC 2 compliance.
• Set the Engineering Bar: Hold the platform team's own code to the highest standard. Enforce rigorous testing for IaC (Terraform/Pulumi), CI linting, secret scanning, trunk-based development, and GitOps workflows (ArgoCD/Flux).
• Govern Unit Economics: Shift the paradigm from reactive monthly spend cleanup to proactive cost awareness. Build granular visibility tools to define what a specific tenant, environment, or transaction costs, and implement showback systems to drive engineering behavior.
• Lead & Mentor: Lead a small, agile platform team through hands-on architecture, code reviews, and mentorship. Balance the daily tension between shipping features and hardening infrastructure while communicating complex trade-offs to non-technical stakeholders.
  
  

Requirements

• Experience: 10+ years in cloud infrastructure or platform engineering, with a proven track record of designing multi-tenant systems and leading teams or major platform initiatives.
• Platform Mindset: Direct experience building internal developer platforms, APIs, and portals—not just basic CI/CD pipelines.
• Core Networking & Cloud Depth: Advanced AWS expertise (Organizations, Control Tower, IAM) along with deep networking mastery (BGP, Transit Gateway, Direct Connect, path diversity, and route table debugging).
• Containerization & OS Fundamentals: Deep Kubernetes knowledge (operators, Helm, RBAC, OPA/Gatekeeper, Kyverno, CNIs) paired with strong Linux fundamentals and comfort tuning/hardening bare-metal and EC2 environments.
• Automation & Tooling: Fluency in Python and/or Go for tooling, alongside advanced IaC (Terraform or Pulumi) and GitOps (ArgoCD or Flux).
• Incident Automation: Practical experience building event-driven or agentic automation frameworks for audited, bounded incident triage and self-healing.
• Security & Compliance: Strong background operating under strict compliance frameworks (MAS-TRM, PCI DSS, ISO 27001, SOC 2) using identity federation (OIDC/JWT), secrets management, and network segmentation.
• Observability & FinOps: Experience defining metrics, traces, and logs (Prometheus, OpenTelemetry, Grafana) to back SLOs, alongside a mindset focused on the unit economics of cloud spend.
  
  

Nice-to-Haves

• Background in Fintech, payments, or Banking-as-a-Service (BaaS), and familiarity with privacy regulations like PDPA and GDPR.
• Hands-on experience with payments infrastructure (ISO 8583 processing, card auth latency paths, and PCI-scoped network isolation).
• Production experience managing API gateways or service meshes (Kong, Apigee, Istio, Envoy) utilizing traffic routing and zero-downtime releases.
• Familiarity with progressive delivery (canary, blue-green), automated rollbacks, and chaos engineering practices.
• Relevant industry certifications (e.g., CKA/CKS, AWS Solutions Architect Professional, AWS Security, or advanced networking certs).
  
  

MatchMove Culture:

• We cultivate a dynamic and innovative culture that fuels growth, creativity, and collaboration. Our fast-paced fintech environment thrives on adaptability, agility, and open communication.
• We are AI-first in our approach. We embrace AI as a strategic tool that enhances decision-making, creativity, and productivity. Every team member is equipped and encouraged to integrate AI into their workflow, experiment with new tools, and contribute to our collective AI literacy.
• We focus on employee development, supporting continuous learning and growth through training programs, learning on the job and mentorship.
• We encourage speaking up, sharing ideas, and taking ownership. Embracing diversity, our team spans across Asia, fostering a rich exchange of perspectives and experiences.
• Together, we harness the power of fintech and e-commerce to impact people's lives meaningfully.
• Grow with us and shape the future of fintech. Join us and be part of something bigger!
  
  

Personal Data Protection Act:

By submitting your application for this job, you are authorizing MatchMove to:

• collect and use your personal data, and to disclose such data to any third party with whom MatchMove or any of its related corporations have service arrangements, in each case for all purposes in connection with your job application, and employment with MatchMove; and
• retain your personal data for one year for consideration of future job opportunities (where applicable).