Cybersecurity Consultant (Cloud and Architecture) - Jakarta

Indonesia

Applications have closed

Horangi Cyber Security

Leading cyber security firm in Asia, offering advanced cyber security products and services, including consulting. We specialize in equipping businesses with robust security solutions and expert guidance to navigate the digital landscape...

View company page

Building a Safer Cyberspace:At Horangi, we’re passionate about building safer cyberspace and creating software and services that solve challenging cybersecurity problems. Horangi focuses on building partnerships with our customers, developing an understanding of their business goals and building a security strategy that helps achieve their objectives. Horangi’s personnel have extensive engineering experience and a strong background in penetration testing, incident response and strategic consulting including both large multinational networks and small organisations with focused missions. We enjoy solving tough security problems and we are eager to find new challenges and build new relationships.
The Role:Horangi Cyber Security Consultant works directly with Horangi’s customers to perform cyber security assessments. Members of the Cyber Security Consultant team in Strategic Services are generally familiar with most aspects of cybersecurity but specialize in cybersecurity architecture, cloud security, cyber risk management, network and infrastructure security, application security, and security compliance.

We are looking for someone who:

  • Passionate in the cybersecurity domains and strive to explore new technologies, skillset, frameworks and trends
  • Being proactive and work independently with minimal supervision and like having autonomy a to make decisions.
  • Being a team player, trust and challenge each other, possess good interpersonal communication skills and helping mind in a team-oriented environment
  • Being able to communicate well, and willing to receive criticism and feedback
  • Ability to adapt fast in a startup environment
  • Being responsible and take pride in your work, willing to proactively conduct research as necessary to perform the assessment properly and improve the quality of deliverables 
  • Able to prioritise shifting workloads in a rapidly changing industry. 
  • Being user-centric and empathise with the client to solve their problems
  • Willing to travel around within South-east Asia and enjoy being out of your comfort zone.


  • Has experience with a good knowledge of Unix, Linux, Windows, network devices, firewalls, web and/or mobile application developmentsIs familiar with cloud environments such as AWS, Alibaba, or GCP, including with containerisation such as Docker and Kubernetes.
  • Has experience with complex information technology environments, including to review and assessment network and infrastructure design/diagram.
  • Has experience in risk management, including with risk scoring or assessment and good reporting skill.
  • Is familiar with managing infrastructure and technology in Microservice stack (such as Load Balancing, HAProxy, ORA Weblogic, Kafka or Kong)Has knowledge on how to perform assessment or analysis on the level of application, network and infrastructure for new application development or system integrationHas capability to understand SDLC processes to support IT operation and development for security compliance. 
  • Has a good understanding of SAST & DAST will be excellent.
  • Has general knowledge of information security management frameworks, such as ISO/IEC 27001, NIST, or PCI DSS.
  • Understanding of how business strategy, risk, regulation and technical constraints influence organisational responses to cyber security.
  • Excellent Bahasa Indonesia and English communication skills – both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate assessment report succinctly and clearly convey the message in a way which is appropriate for the audiences)
  • Strong business skills including presentation and report writing skills, analytical and problem-solving capabilities, strong project management, facilitation and delivery skills.
  • Like the sharing and cohesive culture by learning and improving together. We don't have any "subes", "suhu", "panutanque", "master", or similar words here. In our culture, no one is smarter than anyone. It is just a matter of who knows the knowledge in advance.

Key responsibilities:

  • Executing delivery of cybersecurity services for clients including:
  • Penetration Test and Remediation assistance on client for works: web application penetration test, mobile application penetration test, Network security assessments, API penetration test, Thick client application penetration test, and also assistance in categorisation and remediation of issues.
  • Secure architecture reviews and assistance including: reviewing architectures from client's product teams and providing security related feedback, analysis and synthesis on feature changes and integrating security into these applications, communication of security focus in agendas with product management for new and existing application development.
  • Cloud Security & Compliance review and assistance including: Assisting and supporting  the triage and identification of cloud security and compliance issues, training and education with the engineering & product teams around cloud security and compliance issues, integration with the CSIRT and other teams to effectively handle issue identification and remediation, technical and policy advisory around security and compliance issues.

  • Consult and advise with client's organizational personnel at tactical, operational, and strategic levels to achieve project goals on compliance toward a variety of regulatory compliance and industry standard frameworks
  • Contribute to the development of the cybersecurity service framework within the firm.
  • Draft, report and present to customer including leadership and executive management on on assessment findings, program statuses, and other security items as they impact business goals
  • Develop and deliver content on security domains of expertise to establish yourself, our team, and our brand as thought leaders in the community
  • Participate in speaking engagements and industry events to establish yourself, our team, and our brand as thought leaders in the community

Experience and certification:

  • One (1) to three (3) years or more involvement in various complex and large environments, including client-facing cybersecurity consulting experiences.
  • Experience on communicating in Bahasa Indonesia and English proficiently both in written and spoken language in the business context both for internal coordination and client-facing. 
  • At least one (1) of Cybersecurity-related certifications such as ISO 27001 Lead Implementor / Lead Auditor, ISC2 CISSP, ISACA CISA, ISACA CISM, ISACA CGEIT, ISACA CRISC, OSCP, OSWP, OSCE, OSWE, CompTIA Security+
  • Preferably has cloud or cloud security related certifications such as AWS Cloud Practitioner and/or Solutions Architect, or AWS Security Specialty, or Google Cloud Architect and/or Data Engineer, or Google Cloud Security Engineer
  • Experience on delivering cybersecurity services, preferably for multinational companies
  • Experience on working with different units/parties on security-related matters

Tags: APIs Application security AWS CISA CISM CISSP Cloud Compliance CompTIA CRISC CSIRT DAST Docker Firewalls GCP HAProxy Incident response ISACA ISO 27001 Kubernetes Linux Network security NIST OSCE OSCP OSWE OSWP PCI DSS Pentesting Risk management SAST SDLC Security assessment Security strategy Strategy UNIX Windows

Perks/benefits: Career development Startup environment Team events

Region: Asia/Pacific
Country: Indonesia
Job stats:  9  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.