Working Student in Information Security at Allianz Direct supporting security monitoring and managing vulnerability assessments. Collaborating with cross - functional teams to enhance cybersecurity posture and awareness.
About the role
- Security Manager responsible for overseeing risk-based security program and compliance. Leading team and collaborating with stakeholders for cybersecurity in Indonesia.
Responsibilities
- Develop and manage risk-based security program and strategy, drive its successful implementation through security, policies, procedures and standards.
- Work closely with technical, non-technical stakeholders and cross-functional teams to ensure compliance with security standards and policies and integration of security requirements into business processes and projects.
- Define risk appetite, develop risk acceptance, management and reporting protocols to make sure company leadership is aware of the risk profile and can make informed decisions. Conduct regular security assessments, audits and inspections to identify gaps and areas for improvement, and report the results.
- Support the CTO in security budgeting, vendor selection, and control assurance activities.
- Lead and manage a team of security professionals, including hiring, training and performance management.
- Oversee the implementation and maintenance of security technologies such as SIEM, intrusion detection and prevention systems, WAF, vulnerability management, etc.
- Implement security incident response protocols and plans, lead incident response and security breaches investigations. Conduct root cause analysis, develop and implement mitigation and corrective actions.
- Act as a subject matter expert in cloud security, directly supporting DevOps and Software Engineering teams in secure infrastructure architecture, deployment, configuration and operations. Participate hands-on in security reviews of infrastructure changes.
- Design and implement secure software development lifecycle (S-SDLC) and engage with Software Engineering and DevOps teams to implement secure development practices, including code reviews, static and dynamic security scanning, dependency checks, etc. Ensure software vulnerabilities are fixed in time and work closely with relevant teams to develop, manage and track SLOs on security fixes.
- Stay current with emerging security threats and technologies, and implement appropriate measures to mitigate risks.
- Provide training and awareness programs to technical and non-technical employees on information security best practices and procedures.
Requirements
- 7+ years of professional experience in cybersecurity with at least 3 years in a leadership or team-lead role.
- In-depth understanding of cybersecurity principles and best practices.
- Excellent understanding of risk-management principles and demonstrated experience implementing them in the real-life security program.
- Hands-on experience implementing and reviewing cloud infrastructure configurations and assessing its security. Experience implementing secure infrastructure management pipelines.
- Experience building and running security incident response programs and being hands-on coordinating and participating in security incident response.
- Availability to respond to security alerts and respond to security incidents outside of business hours.
- Certification in information security is preferable
- Strong knowledge of SIEM tools, intrusion detection systems (IDS/IPS), and security monitoring tools
Benefits
- Join us as we make magic happen to increase Indonesia’s financial inclusion!
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Enterprise Security Implementation Specialist at Vodafone supporting customers in implementing security solutions. Responsibilities include onboarding, incident management, and ensuring service quality with Fortinet and Zscaler products.
Cyber Security Specialist at Vodafone responsible for shaping and deploying security measures. Collaborating with business, IT, and Network teams as a trusted security partner.
Manager at PwC contributing to digital transformation in Utilities through technology consulting and stakeholder management. Focused on creating strategies and providing technology solutions in a data - driven world.
Research Associate conducting advanced research in iOS security within a leading institute for applied cybersecurity. Emphasis on secure application development and vulnerability analysis.
Cybersecurity Engineer focused on threat monitoring and incident response for Verizon's network security. Collaborating on security architecture and vulnerability management across multiple locations.
Senior Manager of Application Security leading initiatives to protect applications at Nordstrom through strategic leadership and AI - driven tooling. Collaborating with engineering to ensure secure software development practices.
Information Security Engineer responsible for deploying and supporting security tools across cloud and on - premise systems. Collaborating with IT to mitigate security risks in a hybrid work environment.
Casual Retail Security Officer for MSS Security ensuring safety at Tweed Mall in Tweed Heads. Responsible for patrols, incident response, and customer service.
Financial security advisor at Desjardins developing client relationships and selling life and health insurance products. Focusing on customer satisfaction and personalized financial solutions.