Information Security Architect

Location: Jakarta,Jakarta,Indonesia

Mekari is Indonesia's no. 1 Software-as-a-Service (SaaS) company. Our mission is to empower businesses and professionals to progress effortlessly. Our products (Mekari Talenta, Mekari Jurnal, Mekari KlikPajak, Mekari Qontak & Mekari eSign) have been used by tens of thousands of businesses in Indonesia.

To reach millions, we need more people like you: entrepreneurs, builders, owners inside the company who are eager to grow at scale. Join us to empower more businesses with technology.

Key responsibilities: 

• Provide technical guidance to the security team and/or lines of businesses if and when required;

• Align and balance business requirements with security and information technology requirements, based on the organization’s risk appetite;

• Evaluate new and current technologies that can be used to better secure and streamline processes;

• Designing, maintaining and troubleshooting complex security implementations;

• Collaborating with stakeholders to ensure security and compliance levels are aligned with industry regulations and standards;

• Develop reference and standard architectures that can be used to solve common requirements or mitigate trends in security findings in a repeatable way following (and identifying) recommended best practices;

• Advise application and infrastructure teams on application and infrastructure security design that is relevant and fit for purpose;

• Advise and periodically review application security design to detect potential security issues and for each issue, propose and drive remediation tasks;

• Research and investigate new effective ways of delivering security as code, automation into the existing security architecture assessments and processes and other service delivery optimizations;

Requirements:

• Minimum of 3+ years working in cybersecurity related field;

• Demonstrated knowledge of: 

  • Cybersecurity frameworks (e.g., NIST, ISO), policies, design principles, practices and enabling tools

  • A strong understanding of common services used in cloud-based architectures, with expertise in at least one cloud vendor (AWS, GCP, or Alibaba Cloud), and awareness of Cloud Platform Security and controls;

  • IaC (Infrastructure as Code) and supporting technologies (Cloud Formation, Terraform, etc.

  • General security threats, attack vectors, and vulnerabilities - ability to act as SME on threat modeling;

• Able to use critical and logical thinking to prioritize work that drives the most impact to overall security posture and risk management;

• Demonstrated ability to work in a challenging, dynamic, and fast-paced environment with limited supervision. Candidate should be able to succeed in both independent and collaborative work scenarios;

• Excellent problem-solving and analytical skills;

• In-depth technical understanding on foundational security issues;

• Can communicate abstract or complex ideas with conciseness and clarity;

• Can provide leadership and mentorship on security issues;

• Systematic in pushing security agenda;

• Can align effectively with various stakeholders;

• Ability to influence in a rapidly changing organization. 

Our team will review your application and will be in touch if your application is shortlisted to the next stage. If you do not hear from us in 30 days, we will keep your resume on file in case a relevant opportunity opens up. 

Don't forget to check our Recruitment FAQ at bit.ly/RecruitmentFAQ-Mekari [ENG] or bit.ly/RekrutmenMekari-FAQ [INA] to find the answers to commonly-asked questions regarding our recruitment process. 

We wish you the best. Hope to see you around soon!