Security Engineering Lead

byOrange

  • Jakarta
  • Permanen
  • kerja tetap
  • 10 hari lalu
  • Lamar dengan mudah
About The Job: We are looking for an experienced and passionate Security Engineering Lead with a proven track record in building and leading security teams. You will play a critical role in shaping and executing the company’s cybersecurity strategy, ensuring compliance with regulatory requirements, and strengthening our security posture across applications, infrastructure, and governance. This role requires strong leadership, technical expertise, and the ability to collaborate with multiple stakeholders to achieve company-wide security goals.Responsibilities:
  • Define and create the InfoSec division’s quarterly task list and ensure alignment with company objectives.
  • Supervise and guide the work of each InfoSec team member across Cloud Security, Application Security, Governance & Compliance, and Incident Response, ensuring OKRs are achieved.
  • Regularly report team progress, challenges, and achievements to the CTO.
  • Maintain and oversee ISO 27001:2022 certification for the company group.
  • Develop and update cybersecurity strategies to anticipate and address evolving cyber threats.
  • Establish annual CapEx and OpEx budget plans for the company’s cybersecurity needs and InfoSec team requirements.
  • Maintain and prepare annual security reports required by regulatory bodies (e.g., BI & OJK).
  • Implement company security policies based on industry frameworks such as ISO 27001:2022, NIST, RMF, and OWASP.
  • Coordinate and collaborate with other divisions on security-related initiatives and shared responsibilities.
  • Compile quarterly cybersecurity reports for management and stakeholders.
  • Reduce operational security costs while maintaining efficiency and effectiveness according to management priorities.
  • Develop and maintain a company-wide security maturity assessment framework and track improvements over time.
Requirements:
  • Minimum 5 years of experience in Information Security, with at least 2 years in a leadership or management role.
  • Strong communication skills, with the ability to translate complex security concepts into business language.
  • Proven experience leading security teams in areas such as AppSec, CloudSec, GRC, and Incident Response.
  • Deep understanding of regulatory requirements (ISO 27001:2022, PCI DSS, BI, OJK).
  • Strong background in penetration testing, cloud security (GCP/Hybrid/Kubernetes), and security operations.
  • Proficiency in security defense technologies (e.g., SIEM, WAF, Firewall, CSPM).
  • Knowledge of scripting/programming (Java, Python, Golang) is an advantage.
  • Hands-on experience with CI/CD security (SAST, DAST) and version control (Git).
  • Good knowledge of risk scoring methodologies (OWASP Risk Rating, CVSS).
  • Familiar with SQL-based databases (PostgreSQL, MySQL, etc.).
  • Strong ability to design security strategies, reduce costs, and improve overall security maturity.
  • Professional certifications such as CISM, CISSP, ISO27001 Lead Auditor or equivalent are highly desirable.
Powered by JazzHR

byOrange

Pekerjaan yang mirip

  • Engineering Lead (E-Commerce)

    Monroe Consulting

    • Jakarta
    Monroe Consulting Group is seeking a qualified Engineering Manager (IT) for a notable internet marketplace based in Jakarta, Indonesia. Job Description Provide leadership, dire…
    • 15 hari lalu

  • Engineering Tech Lead, Software Development

    TRB Ventures

    • Jakarta Pusat
    Mission: To lead a software development team in building and maintaining high-quality, scalable, and robust software solutions. This individual will be a hands-on technical expert,…
    • 27 hari lalu

  • Information Security Lead

    Hana Bank

    • Jakarta Pusat
    Develop and implement an information security strategy that aligns with bank’s goals and regulatory requirements. Lead the development and execution of the bank's incident respons…
    • 1 hari lalu