Akar Inti Data (Djarum Group) is a startup company under Central Capital Ventura that develops data platform infrastructure and provides advanced data analytics services and martech stacks for tenants in the financial/banking and related industries. We are looking for a security expert with a strong software engineering background, who is capable of working in a semi-structured fast startup environment, perpetual learner, and possesses an entrepreneurial spirit while wearing multiple hats on the job.
Responsibilities
- Design security infrastructure and software technical specifications based on business requirements and contribute to Functional and Technical Specification documents
- Build and implement security measures, firewalls, and systems primarily in the cloud, encompassing tenants’ data, systems, components, and networks and ensure all data and networks are effectively protected
- Develop and integrate modules to conform to data privacy laws and standards through tokenization, proper access controls, and storage bucket segregation
- Along with software engineers, develop front-end, middleware, and back-end per specifications collaborating with our partners
- Along with software engineers, develop detailed testing plans (functional, component, security, user acceptance, penetration tests etc.) and perform the tests to determine bugs, security vulnerabilities, and user experience improvement opportunities
- Identify, fix, report, and investigate any potential breaches
- Create API, user, and other necessary documentation
- Plan, execute, monitor, maintain and update ISO 27000, PCI-DSS, and GDPR compliance and certification
- Reporting to CTO Akar Inti Data
Qualifications
- BS or MS degree in Computer Science/Information Technology or Electrical Engineering
- Minimum 4 years of experience in Secure software development and data security like Data Classification and data privacy
- Experiences in Network Security (WAF, Firewall, IPS/IDS) and also infrastructure security
- Experiences in SSDLC (SCA, SAST,DAST, IAST, RASP), Application Security, and container security like Istio
- Experiences in DevSecOps process using Gitlab, Jenkins, Ansible, Terraform, and experience infrastructure as a Code is a Plus
- Holder at least one of certification OCSP, CREST, CISA, CISSP, SSCP
- Experiences in various programming languages and databases: C, C++, Java, .Net, SQL, Python, Golang is plus
- Experiences and knowledge in data science and/or artificial intelligence is a plus
- Experiences in the financial/banking industry is a plus
- Highly flexible and adaptable being able to work in multiple capacities in a fast-paced startup environment
- Loves to learn