Deskripsi pekerjaan Lead Developer & Security PT ASTERIA CYBERINDO PRATAMA
Job Description
- Platform Architecture & Development
Design and develop scalable, secure, and multi-tenant web platforms.
Build and maintain Learning Management Systems (LMS), lab provisioning systems, scoring engines, progress tracking, and analytics platforms.
- Lab Provisioning & Infrastructure
Develop lab provisioning systems using Docker, Kubernetes, and Virtual Machines.
Manage lab lifecycles, templates, resource quotas, auto-shutdown, snapshots, and environment isolation.
- LMS, Scoring & Gamification
Develop course modules, assessments, certificates, scoring engines, leaderboards, badges, XP, and achievement systems.
- Security, Compliance & Reliability
Implement secure coding practices, audit logging, WAF, MFA, secret management, and compliance controls.
Conduct threat modeling and security hardening activities.
- DevOps & Operations
Build and manage Infrastructure as Code (IaC), CI/CD pipelines, monitoring, logging, tracing, alerting, backup, disaster recovery, and capacity planning.
- Collaboration & Leadership
Collaborate with cross-functional teams.
Conduct code reviews and mentor engineers.
Prepare technical documentation, Architecture Decision Records (ADR), and operational runbooks.
Requirements
- Minimum 3 years of experience as a Full Stack Developer, Platform Engineer, or Software Architect.
- Proven experience building SaaS, LMS, or CTF platforms.
- Experience managing multi-tenant platforms in production environments.
- Strong understanding of cloud-native architecture, scalability, and security principles.
- Familiarity with compliance standards such as GDPR, Indonesia's Personal Data Protection Law (UU PDP), and ISO 27001.
Frontend
- React.js, Next.js, TypeScript
- TailwindCSS, shadcn/ui
- Zustand/Redux Toolkit, TanStack Query
- WebSocket and Server-Sent Events (SSE)
Backend
- Python and/or Golang
- REST API, GraphQL, gRPC
- Event-driven architecture
Database & Storage
- PostgreSQL, Redis
- Object Storage (S3 / MinIO)
Containerization & Orchestration
- Docker, Docker Compose, Kubernetes
- Helm Charts (preferred)
- KubeVirt (preferred)
Infrastructure & Automation
- Terraform / Pulumi
- Ansible
- Vault / AWS Secrets Manager
CI/CD
- GitHub Actions, GitLab CI, Jenkins
- ArgoCD / Flux (GitOps)
- SAST/DAST tools: Semgrep, Trivy, Snyk, OWASP ZAP
Monitoring & Observability
- Prometheus, Grafana, ELK / Loki
- OpenTelemetry, Jaeger / Tempo
- Sentry / GlitchTip, Uptime Kuma
Authentication & Authorization
- Keycloak, OAuth2, OpenID Connect, SAML 2.0
- MFA, TOTP, WebAuthn
Additional Technical Skills
- System Design & Microservices Architecture
- Secure Coding Practices & Performance Optimization
- Automated Testing (Unit, Integration, End-to-End)
- Linux, Networking, Threat Modeling (STRIDE/PASTA)
- Multi-tenant SaaS Patterns & Database Tuning
---
Qualifications
- Understanding of cyber ranges, CTF platforms, or virtual lab environments.
- Ability to design scalable, secure, and maintainable architectures.
- Strong focus on code quality, security, and system reliability.
- High level of ownership and professional work ethics.
Soft Skills
- Strong problem-solving abilities.
- Effective communication with both technical and non-technical stakeholders.
- Ability to lead technical decisions and initiatives.
- Excellent technical documentation skills.
- Experience mentoring junior engineers.
- Strong stakeholder management capabilities.
Nice to Have
- Experience building CTF platforms, cyber ranges, or e-learning platforms.
- Experience with Apache Guacamole, noVNC, and WireGuard.
- On-call and incident response experience.
- Open-source contributions in infrastructure or security projects.
- Basic knowledge of cybersecurity principles.
