Join our dynamic team in Jakarta as a Security Engineer (Cyber Defense), where you'll play a pivotal role in shaping and implementing robust cyber defenses for Kredivo Group. Our cyber defense team runs programs related to Endpoint security, WAF, Network security & monitoring, Data Leakage Prevention (DLP), Threat Intel, Threat Detection and vulnerability & patch management. As part of Kredivo’s Group cyber defense Security team, you will report to the Cyber Defense Lead & will work closely with the Kredivo IT team.


Responsibilities:

  • Proactively monitor & respond to Endpoint Detection and Response (EDR) alerts.
  • Assist in implementing vulnerability and patch management processes to ensure a secure endpoint environment.
  • Implement and enforce CIS hardening standards for laptops, desktops, and network appliances.
  • Contribute to implementing and maintaining security controls in network firewalls, IDS, and IPS.
  • Participate in security incident response activities and conduct thorough investigations.
  • Configure and manage Cloudflare security features including WAF, DDoS protection, bot management, and SSL/TLS settings.
  • Monitor Cloudflare dashboards for security events and performance issues, and respond to incidents effectively.
  • Implement and maintain Cloudflare rulesets to protect web applications against emerging threats.
  • Collaborate with the Threat Detection team to fin -tune existing security detections and develop new detection rules.
  • Use our threat intelligence database and analysis to identify emerging threats and integrate findings into incident response processes to enhance detection, containment, and remediation efforts.”

Qualifications & technical skills required:

  • A bachelor's degree (preferably focus on IT but not mandatory)
  • At least 4-6 years in Information Security in any two or multiple areas, such as endpoint security, data leakage prevention, vulnerability & patch management, network security, SOC or Cloudflare security administration.
  • Experience configuring and managing Cloudflare features, including WAF, CDN, SSL/TLS, and security rulesets.
  • Good to have an experience with a scripting language (e.g. Python, Bash, or similar).
  • Good knowledge of modern adversary tactics, techniques, and procedures.
  • Certifications such as CompTIA Security+, CCNA/P, ISC2 or ISACA related.
  • A good understanding of security principles and best practices and a good background in managing EDR, DLP, WAF, vulnerability, patch management, and CDN security tools.
  • Demonstrated experience working with IT and security teams and previous experience in industries such as Fintech or Financial Services is a plus.

Behavioral & soft skills required:

  • Self-starter with a proactive attitude and proven ability to work independently with minimal supervision.
  • Ownership mindset, demonstrating high self-motivation in leading security initiatives and projects.
  • Continuous learner with a strong appetite for experimentation and interest in automating security processes.
  • Excellent analytical skills for assessing and solving complex security issues.
  • Clear and concise communicator adept at conveying security concepts to technical and non-technical stakeholders.
  • Proficient in creating comprehensive security reports and documentation for various audiences.
  • Collaborative team player with proven effectiveness in cross-functional teamwork, sharing knowledge to enhance team capabilities.
  • Good organizational skills, capable of maintaining detailed documentation for security processes and incidents.

#LI-RR1