AVP-Cloud/IT Security Solution & Architecture

PT. Indosat Tbk (Jakarta, Indonesia)

DKI Jakarta, Indonesia

Indosat Ooredoo Hutchison (IDX: ISAT) ("IOH"), are here with our vision to become the most preferred digital telecommunications company of Indonesia. The IOH merger combines two highly complementary businesses between PT Indosat Tbk (“Indosat Ooredoo”) and PT Hutchison 3 Indonesia to create a new world-class digital telecoms and internet company for Indonesia that can better compete and create additional value for all stakeholders, including employees, customers, and shareholders. Indosat Ooredoo Hutchison is now the second-largest mobile telecoms business in Indonesia. Indosat Ooredoo Hutchison will be guided by its corporate vision “To Become the Most Preferred Digital Telco of Indonesia” to capture the tremendous market opportunities presented by Indonesia’s digital and economic growth. The Company’s enhanced scale, financial strength, and expertise, combined with its preeminent networks, talent, and strategic partnerships, will enable Indosat Ooredoo Hutchison to become a key telco player driving Indonesia’s digital transformation agenda. The Company will focus on its core mission of delivering world-class digital experiences while connecting and empowering every Indonesian.

About this position

This role is responsible for designing and developing security solutions to ensure confidentiality, integrity, and availability of company’s systems and data stored in cloud-based and hybrid environments.

Responsibilities

• Align the security vision with business goals and industry trends.
• Specialize in designing secure network infrastructures, especially crucial for a telecommunication company.
• Provide advisory from IT security perspective incl. budget.
• Continuously improve IT security posture through implementation of security solution.
• A Cloud Security Architect is responsible for designing and building secure cloud environments.
• Design and implement security architectures for various cloud platforms (e.g., AWS, Azure, GCP) using cloud-native security tools and practices.
• Lead security initiatives, emphasizing innovation and staying ahead of security trends.
• Oversee security projects, ensuring alignment with organizational goals and timely delivery.
• Work closely with development, IT, and network teams to integrate security practices into the development lifecycle and network architecture.
• Ensure adherence to regulatory standards, enhancing the company's reputation and trustworthiness.
• Foster a culture of security awareness, providing training and promoting best practices across departments/divisions.

Requirements

• Minimum bachelor’s degree (Information Technology/ Electrical Engineering/Telecommunication Engineering, Computer Science, Communications, Marketing, Information Security, Business, Technical), master’s degree preferred.
• Security or enterprise architecture certificates such as CISSP, CISA, CISM, GIAC, CISA, SANS, and ISO 27001 Lead Implementor/Lead Auditor, etc.
• Have Cloud Certification e.g., AWS, GCP or Alibaba & experience working with its cloud technology.
• Proficiency in security protocols, cryptography, authentication, authorization, security vulnerabilities, and remediation techniques. Familiarity with intelligent automation, machine learning(ML) / AI & Generative AI, programming languages and frameworks is a plus.
• Ability to analyze and identify actions to be taken.
• Honesty and high-integrity character.
• Working well under pressure.
• Good communication and influence skill.
• Security Risk Management Certification.
• Strong understanding of all Information Security Domains.
• Sound understanding of businesses supported and security principles and policies.
• Knowledge of network, system, and application monitoring technologies.
• Exemplary networking and negotiation skills.
• Education for Security Risk.
• 5-7 years in cloud/IT security, with specific experience in major cloud platforms.
• Experience with cloud security, including AWS, Azure, or Google Cloud Platform.
• Knowledge of DevSecOps practices and integrating security into CI/CD pipelines.
• Familiarity with containerization and orchestration tools like Docker and Kubernetes.