Join our dynamic team in Jakarta as an Enterprise Security Engineer, where you'll play a pivotal role in shaping and implementing robust enterprise security for Kredivo Group. Our Enterprise security team runs programs related to Endpoint security, Network security & monitoring, Data Leakage Prevention (DLP), vulnerability & patch management. As part of Kredivo’s Group Information Security team, you will report to the Enterprise Security Lead based out of Jakarta & work closely with the Kredivo IT team.
Responsibilities:
- Endpoint security & vulnerability management
- Proactively monitor & respond to Endpoint Detection and Response (EDR) alerts.
- Assist in implementing vulnerability and patch management processes to ensure a secure endpoint environment.
- Implement and enforce CIS hardening standards for laptops, desktops, and network appliances.
- Optimize endpoint security processes to enhance threat detection and response efficiency and effectiveness.
- Network Security:
- Contribute to implementing and maintaining security controls in network firewalls, IDS, and IPS.
- Work to enhance the security posture of the organization's network infrastructure.
- Monitor the alerts and respond to network intrusions.
- Participate in incident response activities and conduct thorough investigations.
Qualifications & technical skills required:
- A bachelor's degree (preferably focus on IT but not mandatory)
- At least 3-5 years in Information Security in any two or multiple areas, such as endpoint security, data leakage prevention, vulnerability & patch management, network security or SOC.
- Experience with identity and access management frameworks and protocols, including SAML, OAUTH, and SCIM.
- Good to have an experience with a scripting language (e.g. Python, Bash, or similar)
- Good knowledge of modern adversary tactics, techniques, and procedures
- Certifications such as, CompTIA Security+, CCNA/P, ISC2 or ISACA related, is a plus
- A good understanding of security principles and best practices and a good background in managing EDR, DLP, vulnerability, and patch management tools.
- Demonstrated experience working with IT and security teams and Previous experience in industries such as Fintech or Financial Services is a plus.
Behavioral & soft skills required:
- Self-starter with a proactive attitude and proven ability to work independently with minimal supervision.
- Ownership mindset, demonstrating high self-motivation in leading security initiatives and projects.
- Continuous learner with a strong appetite for experimentation and interest in automating security processes.
- Excellent analytical skills for assessing and solving complex security issues.
- Clear and concise communicator adept at conveying security concepts to technical and non-technical stakeholders.
- Proficient in creating comprehensive security reports and documentation for various audiences.
- Collaborative team player with proven effectiveness in cross-functional teamwork, sharing knowledge to enhance team capabilities.
- Good organizational skills, capable of maintaining detailed documentation for security processes and incidents.