Fungsi.id Fungsi.id
Login
INDICO sedang merekrut seorang

Cybersecurity

About Us

INDICO is a digital technology subsidiary company of Telkomsel, Indonesia's leading digital telecom company. INDICO plays a strategic role as a holding company that houses current and prospective vertical digital business portfolios, including Kuncie (edu-tech), Fita (health-tech), and Majamojo (game). Moving forward, INDICO aims to explore opportunities in multiple verticals adjacent to Telkomsel's digital businesses. As a digital platform company, INDICO aims to leverage Telkomsel's digital assets and capabilities to create a flywheel effect of innovations to develop cross-sectoral digital solutions that will empower Indonesia's digital economy.

INDICO believes that we can reach beyond to empower Indonesians and enable businesses through our strong core values of EPIC WAY (Excellence, Positivity, Impactful Collaboration, Customer First, Walk the Talk, Accountability, Yes-if Mindset).

What you will do, but not limited to:

  • Monitor, analyze, and respond to security incidents across applications, Linux servers, and cloud infrastructure.
  • Design and implement security controls based on Secure-by-Design and Security-by-Default principles.
  • Collaborate with developers to review application architecture, configurations, and security-relevant code.
  • Support and participate in penetration testing (web, API, infrastructure), including validation of findings and remediation.
  • Conduct basic threat modeling and risk assessments for new and existing systems.
  • Enhance security logging, monitoring, and alerting using SIEM and endpoint security tools.
  • Participate in incident response activities, including root cause analysis and post-incident reviews.
  • Develop and maintain practical security guidelines and best practices for engineering teams.
  • Clearly communicate security risks and remediation steps to both technical and non-technical stakeholders.
  • Hands-on experience with Linux (daily usage, process management, permissions, networking, and log analysis).
  • Ability to read and understand application code for security analysis (e.g. Python, Java, JavaScript, or similar).
  • Experience supporting or conducting penetration testing or vulnerability validation (not limited to automated scanning).
  • Strong understanding of Web & API Security fundamentals (OWASP Top 10).
  • Exposure to implementing Secure-by-Design principles within the SDLC.
  • Understanding of common attacker techniques and attack paths.
  • Experience analyzing vulnerabilities and distinguishing false positives vs real risks.
  • Basic experience securing AWS resources (IAM, EC2/Linux hardening, logging).
  • Understanding of SIEM concepts (log sources, alerting, basic correlation).
  • Basic knowledge of EDR/XDR and endpoint incident response concepts.

Preferred / Nice to Have

  • Hands-on experience with penetration testing or security tools (e.g. Burp Suite, Metasploit).
  • Exposure to SOAR or incident response automation; scripting with Python or Bash.
  • Experience with SIEM/HIDS platforms (Wazuh, ELK, Splunk, or equivalent).
  • DevSecOps exposure (CI/CD security, automation).
  • Knowledge of container or Kubernetes security.
  • Familiarity with ISO 27001 controls or security compliance frameworks.
  • Relevant certifications (e.g. OSCP, CEH, GWAPT, Security+, or equivalent).
  • Experience in fintech, banking, or high-risk transaction environments.
Lamar loker ini
Silakan referensi bahwa Anda menemukan lowongan kerja ini di Fungsi.id, ini membantu kami mendapatkan lebih banyak lowongan kerja berkualitas di sini, terima kasih!
INDICO INDICO
Cek website
Lokasi
Tanggal posting
6 Januari, 2026