Horangi sedang merekrut seorang

Security Engineer

Loker ini dibuat lebih dari 2 bulan yang lalu
Cek ketersediaan dengan klik lamar. Tidak tersedia? Cek loker lain di Jakarta.
Horangi is a unique cybersecurity cloud-native company in Asia with a security-first mindset. The Horangi’s Internal Security team enabled the company to become one of the first in Asia to achieve SOC2 Type 2 compliance. Currently, Internal Security is on the mission to maintain the state of SOC2 Type 2 compliance along with continuous protection from real threats.

At Horangi, the candidate will be working with and securing cutting-edge techs, which enables the best professional cybersecurity services and multi-cloud security SaaS products. We have a dynamic startup culture while serving enterprise clients. So we are looking for an enthusiastic, open-minded meanwhile well-organized Security Engineer who is up to the challenge of architecting, building, and maintaining the Security Operations Center (SOC) to protect cloud infrastructure, SaaS systems, servers and workstations by utilizing modern tools and methodologies and with the unique opportunity to use Horangi’s own services and products.

THE ROLE 

The goal of the role is to enable each function at Horangi to innovate without fear by focusing on three primary responsibilities:

1. Prevent attacks on vulnerabilities and monitor threats by architecting, building, and maintaining SOC;
2. Prevent attacks by configuring securely SaaS systems utilized at Horangi;
3. Respond to incidents. 

The Security Engineer liaises with the Managed Security Service Provider (MSSP) to refine the monitoring of servers, workstations, and email security. As well as they operate internal SOC, which focuses on the protection of operations of cloud infrastructure and SaaS systems. The Security Engineer should become an expert in the usage of native cloud security tools and Horangi’s own products.

Horangi utilizes over 100 SaaS systems. The Security Engineer designs and deploys those systems securely in a way that business functions can focus on delivering their objectives without worrying about security.

When there is a potential incident, the Internal Security team assembles a Horangi Response Team (HRT). The Security Engineer often becomes a member of the HRT, bringing their systems expertise and analytical skills.

The Security Engineer works closely with Horangi’s IT, Cloud Engineering, and Cyber Security Consulting Teams as we build new products and best-in-class services. It is an excellent opportunity to dive into the cloud world and learn cloud devops and cloud security.

What You’ll Do

- Continuously improve and implement processes for internal SOC.
- Connect additional data sources, develop and configure monitoring rules for a SIEM.
- Respond to SIEM and Warden TD alerts which need additional in-depth analysis.
- Configure cloud-native security scanners and Horangi Warden CSPM.
- Resolve vulnerabilities and security misconfigurations by yourself and working with system owners.
- Implement security hardening of servers and workstations.
- Configure security settings of SaaS systems utilized at Horangi (more than 100).
- Roll out new security systems by finding cost-effective solutions to cybersecurity problems.
- Develop best practices and security standards for the organization.
- Assist internal customers (fellow employees) with cybersecurity needs.
- Conduct security awareness and onboarding trainings.
- Liaising with vendors to implement security solutions.

Horangi is a modern technology company with numerous online systems for each team’s workflow and with infrastructure in the cloud. The Security Engineer needs to be able to work with technical and business teams, understand their requirements, and support optimal use of online systems and cloud infrastructure.       

Technology Stack 

Security solutions at Horangi. The candidate should have experience with some or all of the following types of security solutions: 

- Antivirus and EDR like SentinelOne or CrowdStrike.
- Cloud SIEM like Datadog Cloud SIEM, Splunk, Elastic Security, or Warden TD.
- IAM like JumpCloud or Okta.
- Device management like Jamf, JumpCloud, Windows Intune.
- Cloud-native security like AWS Security Hub, Trusted Advisor, Inspector.
- CSPM tools like AWS Config or Warden CSPM. 

Horangi utilizes the following technologies for collaboration and productivity. It would be beneficial if candidates were familiar with most of them or their analogies.  

- Business collaboration tools like Google Workspace, Monday.com, Atlassian Confluence, Slack, GitHub, Microsoft Office 365.
- Hubspot as CRM.
- BambooHR as HRIS.
- Multi-cloud environment: AWS, GCP, Azure. 

What we’re looking for 

Our ideal candidate must be able to quickly solve any cybersecurity and IT-related problems as well as plan and execute end-to-end a long-term solution addressing the core of the problem. They should be interested in learning and growing in the cloud space. The candidate has a servant mindset and serves both their team and customers. The candidate asks questions, is confident in not knowing everything, and would rather collaborate with others than go it alone. The candidate needs to communicate effectively, as we value responsiveness and transparency in our culture. They possess a security mindset and business acumen as we view security as a business enabler at Horangi.

Must Have

  • Experience in the design and deployment of security tools for security monitoring and vulnerability management
  • Ability to resolve vulnerabilities in IT systems
  • Network administration
  • System administration of Linux servers
  • Secure configurations of IT systems such as MFA, SSO, roles, and permissions
  • Directory Service management experience
  • Ability to code and automate security tasks, bash and PowerShell scripting
  • Good command of English, communication and presentation skills

Good To Have

  • Cloud security experience (AWS, a plus to have GCP and Azure)
  • Skills for vulnerability assessment and penetration testing
  • Real-world experience with response to cyber security incidents
  • End-to-end project management
  • Creation and delivery of training
  • Network and systems security, the configuration of firewalls, IPS/IDS
  • Contribution to open-source projects
  • Security policies writing
  • Security certifications like OSDA, OSCP, GCIH, or equivalent.
At Horangi, we pride ourselves as Cloud Security Champions in Asia backed by a team of global cybersecurity experts and trusted by Industry Leaders such as Gojek, Bukalapak, Singlife, MoneySmart, PropertyGuru, and Tiket.com.

We build our product using cloud technologies and manage our workflows using cloud SaaS solutions. We operate agile, lean, secure, and ever-growing.

Horangi has a positive, diverse, and supportive culture, and we look for people who are curious, inventive and work to be a little better every single day. We work in a fast-paced, dynamic, and get-things-done culture. Horangi is always looking to hire collaborative, humble, and highly driven individuals who want to make a difference and adhere to the principle People First, Mission Always!

Level yourself up as a cloud security expert and do the best work of your life here at Horangi.
Silakan referensi bahwa Anda menemukan lowongan kerja ini di Fungsi.id, ini membantu kami mendapatkan lebih banyak lowongan kerja berkualitas di sini, terima kasih!
Jenis kontrak
Full Time
Lokasi
Tanggal posting
24 Mei, 2022