Sr. Officer-Application Security Platform

at  indosat

QUALIFICATION:

• Minimum bachelor’s degree in relevant field (Information Technology/ Electrical Engineering/Telecommunication Engineering, Computer Science, Communications, Information Security, Business, Technical) with minimum 8 years experience.
• Security or enterprise architecture certificates such as CISSP, CISM, GIAC, CISA, CEH, and ISO 27001 Lead Implementor/Lead Auditor, etc.
• Knowledge in Application Security. Have in-depth understanding related with application security concepts, principles, and best practices i.e. Anti Virus, Anti Malware, EDR, Network Access Control, Data Loss Prevention, Security Patching and Hardening, VPN, SSL etc.
• Familiarity with common vulnerabilities and exposure to secure coding is preferrable.
• Proficiency in security protocols, cryptography, authentication, authorization, security vulnerabilities, and remediation techniques. Familiarity with programming languages and frameworks is a plus.
• Proficient in: LINUX, Windows Servers, Unix.
• Knowledge: User Access Matrix and User Application Matrix
• Knowledge in SSO and MFA for Authentication Access ID
• Ability to analyze and identify actions to be taken.
• Honesty and high-integrity character
• Working well under pressure
• Good communication and influence skill
• Strong understanding of all Information Security Domains
• Sound understanding of businesses supported and security principles and policies
• Knowledge of network, system, and application monitoring technologies

RELATED EXPERIENCE:

• Demonstrated experience in developing, implementing, and maintaining security policies, procedures, and guidelines.
• Having knowledge about security frameworks and standards like ISO 27001, NIST Cybersecurity Framework, and OWASP (Open Web Application Security Project) can be advantageous.
• Experience in developing and implementing vulnerability management programs, including vulnerability assessment and remediation.
• Incident Response Experience. Practical experience in developing and executing incident response plans, including forensic analysis and post-incident reporting.
• Leadership and Communication Skills. Strong leadership and communication skills to effectively manage a team, collaborate with other departments, and convey complex security concepts to non-technical stakeholders.
• Regulatory Compliance Knowledge: Awareness and understanding of relevant data protection laws, regulations, and industry compliance standards.

SKILLS:

• Information System Management
• Operational Management
• Enterprise Risk Management
• Software Engineering
• IT Security Management
• Telco Knowledge
• Strong verbal and written communication skills (fluency in English is required)
• Strong interpersonal and communication skills with a proven ability to collaborate with cross-functional teams, including IT, Security, Compliance, and Legal.
• Strong analytical skills to identify security risks, assess their potential impact, and devise effective solutions.
• Previous roles involved risk assessment, vulnerability management, and implementation of proactive security measures to mitigate identified risks.
• Good communication skill both writing and verbally to be able to work together with all employees in the company.
• Ability to convey message in clear, concise and simple way to various employees in the company.
• Ability to deliver and develop presentation in front of different audience and answering their questions.
• Have integrity, confidentiality and independence.
• Collaboration and Teamwork: Ability to collaborate with cross-functional teams, especially with development and IT teams, to integrate security into the software development life cycle.
• Project Management: Project management skills to plan, execute, and monitor security initiatives effectively.

Please refer the Job description for details