IT Security Specialist

Department: Security

Location: Remote Indonesia (Yogyakarta)

We’re looking for someone great to lead critical work in Security & Compliance!

Your primary task is to strengthen our security processes and keep our agency and our clients safe. You will take extreme amounts of initiative and enthusiasm to get things done. To do this, you should have a natural curiosity to research, experiment and reach out to the right people.

We’re looking for someone who is driven to build comprehensive security systems, but also practical enough to understand real-world constraints and create resilient safeguards when the ideal setup isn’t immediately available. Strong problem-solving is a must. You should be able to break down complex security issues into manageable components and execute them flawlessly.

You will be responsible for communicating with internal teams, clients, and vendors to win buy‑in, explain risks, enforce compliance, and keep everyone aligned.

• Implementing, monitoring, and maintaining endpoint and network security tools (CrowdStrike, MFA, SSO, VPNs, password managers, etc.)
• Managing user access controls and enforcing security policies across all devices (including BYOD).
• Conducting vulnerability assessments and coordinating incident response.
• Reviewing and hardening security configurations for web servers, cloud environments, and third‑party integrations.
• Supporting compliance efforts for ISO 27001, GDPR, SOC 2, and similar frameworks.
• Creating and maintaining security documentation (policies, procedures, incident response plans).
• Monitoring system logs and alerts for suspicious activity and responding to events.
• Running employee security awareness training and phishing simulations.
• Collaborating with Development and DevOps to ensure secure coding and deployment practices.
• Coordinating with clients and vendors on security questionnaires, audits, and compliance requirements.

• Experience: 2+ years in Endpoint Security Management, particularly for web agencies with a remote, BYOD policy.
• Communication: Strong written and verbal communication skills (you may be asked to complete a live email task during the interview)
• Grit: High persistence and follow‑through to ensure people comply with security processes
• Clarity: Ability to clarify vague requests, ask smart questions, and structure security recommendations clearly
• Analysis: Strong analytical and reasoning ability

• Cutting‑edge work in a fast‑growing CRO environment where security is mission‑critical
• Permanently remote work environment
• Full‑time position with semi‑flexible hours — must overlap 4 hours with EST (8 AM–12 NN ET)
• Technology reimbursement (hardware and software support)
• Company‑sponsored training and security certifications
• 20 days of paid vacation plus holidays
• Competitive salary