438 Security Lead jobs in Indonesia

• Develop and implement an information security strategy that aligns with bank's goals and regulatory requirements.
• Lead the development and execution of the bank's incident response plan and oversee post-incident analysis to identify lessons learned and improve future response efforts.
• Provide strategic guidance on emerging security threats and industry trends to senior management.
• Oversee day-to-day security operations, security tools and technologies that currently belong to Information Security Unit, ensuring they are effective and up-to-date.
• Enforce security policies, procedures, and standards to protect bank assets.
• Conduct regular security assessments and audits to identify potential vulnerabilities and compliance gap.
• Work closely with other IT departments to ensure security is integrated into all technology initiatives.
• Lead, mentor, and develop a team of security professionals, fostering a collaborative and innovative work environment.

Minimum Qualifications

• Bachelor's Degree in Information Technology, Computer Science, Cybersecurity, or related field
• Minimum 8 years work experience in IT security, preferrably in banking industry
• Having knowledge related to framework network standardization such as OSI Layer and TCP/IP
• Experienced in configuring Linux and Windows operating systems
• Having knowledge related to information security framework issued by international organizations such as ISO, NIST, CIS and OWASP
• Having professional certifications such as CISSP, CISM, CISA, or equivalent are highly desirable

• Bachelor Degree in Computer Science / Information Technology / Cybersecurity or related major from reputable university, minimum GPA: 3.00

• At least 4 years of experience of Penetration Testing (Mobile, Web, API)

• At least 1 year experience leading the Red Team

• Excellent teamworking and communication skills

• Knoweledge in cloud security

• Strong attention to detail.

• Have experience in bug bounty

• IT Security Certification (CEH, CIH, CHFI, CAP, OSCP,eJPT) will be a plus

• Have experience with ISO 27001 certification is plus

• Design and architect scalable, secure, and efficient blockchain solutions tailored to business requirements.
• Evaluate and select appropriate blockchain platforms, consensus mechanisms, and cryptographic techniques.
• Develop and enforce security protocols and best practices for smart contracts, dApps, and overall blockchain infrastructure.
• Conduct comprehensive security audits, penetration testing, and vulnerability assessments of blockchain systems.
• Lead the identification and mitigation of security risks and threats within the blockchain ecosystem.
• Collaborate with development teams to ensure secure coding practices and robust implementation of blockchain solutions.
• Provide technical leadership and guidance on blockchain technology and security to internal teams and stakeholders.
• Stay abreast of emerging threats, vulnerabilities, and advancements in blockchain security.
• Contribute to the development of internal security policies and procedures.
• Research and recommend new technologies and strategies to enhance blockchain security and performance.

• Conduct comprehensive security audits of smart contracts written in Solidity and other relevant languages.
• Analyze dApp architecture and blockchain protocols for potential security risks and vulnerabilities.
• Identify and document code flaws, logic errors, reentrancy attacks, integer overflows, and other common smart contract exploits.
• Develop and utilize automated security analysis tools and techniques.
• Provide detailed reports with clear explanations of vulnerabilities, risk assessments, and remediation recommendations.
• Collaborate with development teams to guide them through the remediation process.
• Stay abreast of the latest security threats, attack vectors, and best practices in the blockchain space.
• Contribute to the development of internal security standards and audit methodologies.
• Mentor junior security analysts and auditors.
• Research emerging blockchain technologies and their security implications.
• Communicate complex technical findings to both technical and non-technical stakeholders.

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related technical field.
• 5+ years of experience in software development, with at least 3 years specifically focused on blockchain and smart contract security auditing.
• Proficiency in Solidity and experience with various blockchain platforms (e.g., Ethereum, BSC, Polygon).
• Strong understanding of common smart contract vulnerabilities and exploitation techniques.
• Experience with static and dynamic analysis tools for smart contracts.
• Familiarity with formal verification methods is a plus.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Strong written and verbal communication skills, with the ability to articulate technical risks clearly.
• Ability to work independently, manage time effectively, and meet deadlines in a remote environment.
• Active participation in the blockchain security community is advantageous.

About The Job:

We are looking for an experienced and passionate Security Engineering Lead with a proven track record in building and leading security teams. You will play a critical role in shaping and executing the company's cybersecurity strategy, ensuring compliance with regulatory requirements, and strengthening our security posture across applications, infrastructure, and governance. This role requires strong leadership, technical expertise, and the ability to collaborate with multiple stakeholders to achieve company-wide security goals.

Responsibilities:

• Define and create the InfoSec division's quarterly task list and ensure alignment with company objectives
• Supervise and guide the work of each InfoSec team member across Cloud Security, Application Security, Governance & Compliance, and Incident Response, ensuring OKRs are achieved
• Regularly report team progress, challenges, and achievements to the CTO
• Maintain and oversee ISO 27001:2022 certification for the company group
• Develop and update cybersecurity strategies to anticipate and address evolving cyber threats
• Establish annual CapEx and OpEx budget plans for the company's cybersecurity needs and InfoSec team requirements
• Maintain and prepare annual security reports required by regulatory bodies (e.g., BI & OJK)
• Implement company security policies based on industry frameworks such as ISO 27001:2022, NIST, RMF, and OWASP
• Coordinate and collaborate with other divisions on security-related initiatives and shared responsibilities
• Compile quarterly cybersecurity reports for management and stakeholders
• Reduce operational security costs while maintaining efficiency and effectiveness according to management priorities
• Develop and maintain a company-wide security maturity assessment framework and track improvements over time.

Requirements:

• Minimum 5 years of experience in Information Security, with at least 2 years in a leadership or management role
• Strong communication skills, with the ability to translate complex security concepts into business language
• Proven experience leading security teams in areas such as AppSec, CloudSec, GRC, and Incident Response
• Deep understanding of regulatory requirements (ISO 27001:2022, PCI DSS, BI, OJK)
• Strong background in penetration testing, cloud security (GCP/Hybrid/Kubernetes), and security operations
• Proficiency in security defense technologies (e.g., SIEM, WAF, Firewall, CSPM)
• Knowledge of scripting/programming (Java, Python, Golang) is an advantage
• Hands-on experience with CI/CD security (SAST, DAST) and version control (Git)
• Good knowledge of risk scoring methodologies (OWASP Risk Rating, CVSS)
• Familiar with SQL-based databases (PostgreSQL, MySQL, etc.)
• Strong ability to design security strategies, reduce costs, and improve overall security maturity
• Professional certifications such as CISM, CISSP, ISO27001 Lead Auditor or equivalent are highly desirable

Powered by JazzHR

OoPTHoIc1P

• Lead and mentor a team of SOC analysts, providing guidance on incident detection, analysis, and response procedures.
• Oversee the day-to-day operations of the Security Operations Center, ensuring 24/7 monitoring and threat detection.
• Develop, refine, and implement advanced security monitoring use cases and detection rules within SIEM and other security tools.
• Conduct in-depth analysis of security alerts, logs, and events to identify potential threats, vulnerabilities, and malicious activities.
• Lead incident response efforts, including containment, eradication, and recovery, coordinating with internal stakeholders and external parties as necessary.
• Perform forensic analysis of security incidents to determine root causes and recommend preventative measures.
• Stay abreast of the latest threat intelligence, attack vectors, and cybersecurity trends to proactively enhance defense mechanisms.
• Develop and maintain playbooks and standard operating procedures (SOPs) for various security incident scenarios.
• Manage and tune security tools, including SIEM, IDS/IPS, EDR, and threat intelligence platforms.
• Collaborate with IT infrastructure, application development, and other teams to address security vulnerabilities and implement remediation plans.
• Conduct security awareness training for employees and provide regular reports on security status and incidents to management.
• Participate in security assessments, penetration testing coordination, and vulnerability management programs.
• Contribute to the continuous improvement of SOC processes, technologies, and team capabilities.
• Act as a subject matter expert (SME) on security-related issues for the organization.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 8 years of experience in cybersecurity, with at least 3 years in a lead or senior SOC analyst role.
• Extensive experience with SIEM platforms (e.g., Splunk, QRadar, Azure Sentinel), EDR solutions, and other security technologies.
• Deep understanding of network protocols, operating systems (Windows, Linux), and common attack vectors.
• Proven experience in incident response, digital forensics, and malware analysis.
• Familiarity with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK).
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong leadership, team management, and communication skills.
• Relevant certifications such as CISSP, GIAC (GCFA, GCIH), or equivalent are highly desirable.
• Ability to work effectively under pressure and manage multiple priorities.
• Experience in a financial or heavily regulated industry is a plus.

• Lead, mentor, and manage a team of SOC analysts, ensuring optimal performance and continuous development.
• Oversee the real-time monitoring of security alerts and logs from various security tools (SIEM, IDS/IPS, EDR, etc.).
• Direct the investigation and analysis of security incidents, determining scope, cause, and impact.
• Develop and refine incident response procedures, ensuring rapid and effective containment and remediation of threats.
• Leverage threat intelligence to proactively identify potential vulnerabilities and attack vectors.
• Configure and optimize security monitoring tools to enhance detection capabilities and reduce false positives.
• Develop and deliver regular reports on security posture, incidents, and trends to management.
• Stay abreast of the latest cybersecurity threats, vulnerabilities, and defensive techniques.
• Collaborate with other IT and security teams to implement security enhancements and address identified risks.
• Conduct threat hunting exercises to uncover sophisticated or unknown threats.
• Contribute to the development and maintenance of SOC playbooks and operational procedures.
• Ensure compliance with relevant security standards and regulations.
• Manage the SOC environment and tools, including troubleshooting and upgrades.
• Provide expert guidance during security incidents and high-severity events.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. A Master's degree is preferred.
• Minimum of 7 years of experience in a Security Operations Center environment, with at least 3 years in a lead or supervisory role.
• Extensive experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm), IDS/IPS, EDR, and other security technologies.
• Deep understanding of various attack vectors, malware types, and threat actor tactics, techniques, and procedures (TTPs).
• Proven experience in incident response, forensic analysis, and digital forensics.
• Strong knowledge of network protocols, operating systems, and cloud security concepts.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Exceptional leadership, communication, and interpersonal abilities.
• Relevant security certifications such as CISSP, GCIH, GCIA, or CEH are highly desirable.
• Ability to perform effectively under pressure and make sound decisions in critical situations.
• Must be a self-motivated individual capable of working autonomously in a remote setting while fostering team collaboration.