Deskripsi pekerjaan IT Security Engineer Faspay
Job Requirements
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.
- Relevant professional certifications (at least one required), such as: CISSP, CISA, CISM, CEH, ISO 27001 Lead Implementer, or equivalent.
- Minimum 3–5 years of experience in IT Security Engineer especially Blue Team
- Prior experience in Payment Gateway, or Financial Services industry is a strong plus.
- Proven experience in implementing and managing IT security architecture across hardware, operating systems, networks, databases, and applications in Cloud Environtment.
- Strong understanding of network, endpoint, and application security principles in Cloud Environtment.
- Hands-on experience with Vulnerability Management tools (e.g., Nessus, Qualys, Rapid7, OpenVAS).
- Experience in security incident handling and forensic investigation.
- Familiar with SIEM tools (Security Information and Event Management) and real-time threat monitoring.
- Capable of conducting risk assessments and preparing comprehensive security documentation.
- Deep knowledge of security frameworks such as ISO 27001, NIST CSF, COBIT, or equivalent.
- Strong communication skills, especially in presenting security findings and recommendations to non-technical stakeholders.
- Collaborative mindset with the ability to work cross-functionally with IT, compliance, legal, and business teams.
- Proactive problem-solver with the ability to respond quickly and effectively in security incidents.
Job Description:
- Implement and maintain security controls for systems and applications.
- Design and implement appropriate security policies, including network security configurations and operating system security settings.
- Conduct vulnerability assessments and coordinate remediation activities.
- Actively monitor systems and networks to detect and respond to threats using security monitoring tools and intrusion detection systems.
- Respond to and resolve security incidents promptly, and implement appropriate remediation measures.
- Evaluate systems and applications to identify security gaps and provide recommendations for improvement.
- Manage and maintain security systems, including software updates, security patches, and proper configurations.
- Investigate security incidents and perform forensic analysis to identify root causes and impacts.
- Respond to and recover from cybersecurity attacks, including data recovery, system restoration, and remediation of exploited vulnerabilities.
- Stay up to date with the latest security trends, emerging threats, and technological developments to ensure effective protection against new risks.
- Continuously improve the security infrastructure and implement necessary updates to security policies and practices.
- Ensure information security is maintained by complying with security policies, safeguarding company data, and reporting any suspicious activities that may threaten information security.
- Support audit and compliance activities, including adherence to standards and regulations such as ISO 27001, PCI DSS, and OJK / Bank Indonesia requirements.




