Job Description
As the Security Engineer at Allofresh, you will be responsible for building and implementing a robust security framework to protect our infrastructure, data, and systems. You will work closely with cross-functional teams, including IT, Product, and Development, to design security strategies, conduct risk assessments, and ensure compliance with industry standards. This is a unique opportunity to shape the security landscape of a company and establish a security-first culture.
Key Responsibilities:
- Security Framework Development: Design and implement a comprehensive security strategy for Allofresh, including policies, procedures, and guidelines.
- Infrastructure Security: Ensure the security of the company's infrastructure (cloud and on-premises) by managing firewall configurations, VPNs, network segmentation, and intrusion detection systems.
- Threat Monitoring & Response: Develop and maintain monitoring and alert systems to identify and respond to security incidents promptly.
- Risk Assessment & Mitigation: Conduct regular vulnerability assessments, penetration testing, and risk assessments on critical systems. Recommend and implement mitigation strategies.
- Data Security & Compliance: Ensure data security and privacy across all platforms, implementing encryption protocols and adhering to regulatory requirements.
- Identity & Access Management (IAM): Establish and maintain robust IAM policies, ensuring appropriate access control to sensitive systems and data.
- Security Awareness Training: Lead security awareness training programs for employees to promote a culture of security across the organization.
- Incident Response: Develop and maintain the company’s incident response plan. Coordinate and respond to security incidents, conducting root cause analysis and implementing preventive measures.
- Collaboration & Consultation: Serve as a security advisor to development, operations, and product teams, ensuring that security is embedded in the lifecycle of new projects and features.
Requirements
- Educational Background: Bachelor’s degree in Computer Science, Information Security, or a related field.
- Experience: Minimum of 3-5 years of experience in security engineering, with a strong track record of building security frameworks.
- Technical Expertise:
- Proficiency in cloud security (e.g., AWS, GCP, Azure) and securing cloud-based architectures.
- Strong knowledge of networking, firewalls, VPNs, IDS/IPS, SIEM, and other security tools.
- Hands-on experience with security assessment tools like Nessus, Burp Suite, Metasploit, etc.
- Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, OWASP).
- Problem Solving: Strong analytical and problem-solving skills with the ability to communicate complex technical concepts to non-technical stakeholders.
- Certifications (if any): CEH, CISSP, CISM, or similar credentials.
- Language: Proficient in English and Bahasa Indonesia.
Tips Menjaga Diri
Perusahaan dan Lowongan di Dealls tidak meminta data pribadi, informasi rekening, atau pungutan ketika melamar. Hindari juga lowongan Google Form / Grup Telegram tanpa keabsahan yang jelas.
Introducing your new friend to fulfill all your daily needs - AlloFresh, supermarket at your doorstep! Established in early 2022, AlloFresh is a joint venture company between Bukalapak, an all-commerce unicorn company, and Trans Retail Indonesia, a giant retail company under CT Corp Group. AlloFresh focuses on providing fast delivery across Indonesia. We offers a wide range of products to meet the diverse needs of our customers.