Chief Information Security Officer (CISO)

• Develop and implement a comprehensive cybersecurity strategy aligned with business objectives.
• Oversee the organizations information security policies and procedures.
• Manage and lead the cybersecurity team ensuring effective implementation and monitoring of security controls.
• Align with the heads of engineering operations support legal & compliance HR and sales.
• Ensure compliance with cybersecurity and privacy regulations both for private and public entities.
• Collaborate with executive management to integrate cybersecurity practices into business operations.
• Evaluate and address potential security risks related to enterprise network and cloud environments.
• Communicate security-related concepts to stakeholders at all levels ensuring clear understanding and compliance.

• Security of SaaS products such as HR CRM communication document management accounting and tax financial management.
• Security of services such as system integration service and financial services.
• Enterprise operations of multiple software and financial companies including companies regulated by government agencies (such as BI).

• Bachelors degree in Computer Science Information Technology or a related field. Postgraduate degree is advantageous.
• CISSP (Certified Information Systems Security Professional) and CISM (Certified Information Security Manager) certifications are required.
• 5-10 years of experience in a managerial position within cybersecurity.
• At least 10 years of experience in cybersecurity roles with expertise in enterprise security network security cloud security and GRC.
• Minimum of 5 years of experience in a software company or fintech environment.
• Excellent command of English and superior communication skills.
• Proven strategic planning abilities and experience in implementing privacy controls.

• Application Security: Emphasize experience in securing software development processes (DevSecOps) including secure coding practices application vulnerability management and software security architecture.
• Incident Response and Management: Include skills related to managing security incidents breaches and forensic analysis to ensure the candidate can effectively handle and mitigate security incidents.
• Security Architecture: Specify the need for expertise in designing and implementing robust security architectures including zero trust micro-segmentation and network segmentation strategies.
• Identity and Access Management (IAM): Highlight the importance of skills in managing identity and access management frameworks such as SSO MFA and privileged access management (PAM).
• Threat Intelligence and Monitoring: Include experience with threat intelligence security monitoring and SIEM (Security Information and Event Management) tools for proactive threat detection and response.
• Data Security: Add requirements for experience with data protection technologies including encryption data loss prevention (DLP) and data classification frameworks.
• Cloud Security: While cloud security is mentioned specifying knowledge of specific platforms (AWS Azure GCP) and cloud-native security tools (e.g. AWS GuardDuty Azure Security Center) would be beneficial.
• Experience with Security Frameworks and Standards: Specify knowledge of security frameworks such as NIST ISO 27001 or CIS Controls which are essential for aligning security strategies with recognized standards.

What You Will Get:

1. Competitive salary daily allowance.
2. Premium private health insurance (outpatient inpatient maternity dental).
3. Early access to salary flex installment (employee loan) via Mekari Flex.
4. Allowance for sports activities and glasses/contact lenses.
5. Flexible working hours with a hybrid work culture.
6. Annual and unpaid leaves from day 1 of join date unlimited sick leave with doctor note.
7. Notebook Ownership Program.
8. Strategic office location accessible by MRT.
9. Friendly and dynamic work environment.
10. Opportunity to build impactful solutions with Indonesias no. 1 SaaS company.