Information Security Architect

Mekari is Indonesia's no. 1 Software-as-a-Service (SaaS) company. With our ecosystem of software solutions—including Mekari Jurnal, Mekari Talenta, Mekari Qontak, and Mekari Flex, we aim to facilitate entrepreneurs and leaders as they accelerate the digital transformation of their businesses.

In our 10+ years of journey we have reached over 1 Million platform users, and we're not planning to stop any time soon. We need more people like you: builders and owners with calculated ambition who are eager to grow and create their #BiggestImpact.

Key responsibilities:

• Provide technical guidance to the security team and/or lines of businesses if and when required;
• Align and balance business requirements with security and information technology requirements, based on the organization’s risk appetite;
• Evaluate new and current technologies that can be used to better secure and streamline processes;
• Design, maintain and troubleshoot complex security implementations;
• Collaborate with stakeholders to ensure security and compliance levels are aligned with industry regulations and standards;
• Develop reference and standard architectures that can be used to solve common requirements or mitigate trends in security findings in a repeatable way following (and identifying) recommended best practices;
• Advise application and infrastructure teams on application and infrastructure security design that is relevant and fit for purpose;
• Advise and periodically review application security design to detect potential security issues and for each issue, propose and drive remediation tasks;
• Research and investigate new effective ways of delivering security as code, automation into the existing security architecture assessments and processes and other service delivery optimizations;

Requirements:

• Minimum of 3+ years working in cybersecurity related field;
• Demonstrated knowledge of:
• Cybersecurity frameworks (e.g., NIST, ISO), policies, design principles, practices and enabling tools;
• A strong understanding of common services used in cloud-based architectures, with expertise in at least one cloud vendor (AWS, GCP, or Alibaba Cloud), and awareness of Cloud Platform Security and controls;
• IaC (Infrastructure as Code) and supporting technologies (Cloud Formation, Terraform, etc.);
• General security threats, attack vectors, and vulnerabilities - ability to act as SME on threat modeling;
• Able to use critical and logical thinking to prioritize work that drives the most impact to overall security posture and risk management;
• Demonstrated ability to work in a challenging, dynamic, and fast-paced environment with limited supervision. Candidate should be able to succeed in both independent and collaborative work scenarios;
• Excellent problem-solving and analytical skills;
• In-depth technical understanding on foundational security issues;
• Can communicate abstract or complex ideas with conciseness and clarity;
• Can provide leadership and mentorship on security issues;
• Systematic in pushing security agenda;
• Can align effectively with various stakeholders;
• Ability to influence in a rapidly changing organization.

Our team will review your application and will be in touch if your application is shortlisted to the next stage. If you do not hear from us in 30 days, we will keep your resume on file in case a relevant opportunity opens up.

We wish you the best. Hope to see you around soon!