Dalang.io Logo

Dalang.io
← Kembali ke daftar posisi
Operations Full-time Indonesia-remote (Jakarta preferred for occasional on-site work)

IT / Internal Security Lead

Own Dalang.io's internal-IT and corporate-security posture — distinct from the production infrastructure (which the SRE owns) and customer-facing platform security. Manage SaaS sprawl, SSO, the laptop fleet, onboarding/offboarding access, ISO 27001 internal-readiness, and employee security training.

Deskripsi pekerjaan dalam bahasa Inggris. Anda dapat melamar dalam bahasa Inggris atau Bahasa Indonesia.

Yang akan Anda kerjakan

  • Manage corporate SaaS subscriptions (Notion, Slack, Linear, Figma, GitHub, etc.) and license discipline.
  • Operate the identity provider (Google Workspace / Okta / similar); enforce SAML or OIDC on every SaaS that supports it.
  • Manage the employee laptop fleet — procurement, MDM enrollment (Jamf / Intune / Mosyle), baseline image, disk encryption, lost/stolen procedures.
  • Own onboarding and offboarding access lifecycle in lockstep with the People / HR Operations Manager.
  • Run quarterly access reviews and document control evidence for ISO 27001 internal-scope readiness.
  • Run employee security training — phishing simulations, secure-coding briefs for engineers, data-handling for non-technical roles.
  • Support employees on day-to-day IT issues with a tracked queue.
  • Coordinate with the SRE on the boundary between corporate IT and production infrastructure.

Yang kami butuhkan dari Anda

  • 4+ years IT operations or corporate security at a tech company.
  • Hands-on with at least two of: Okta / Google Workspace SAML, Microsoft Intune / Jamf / Mosyle, JumpCloud, password-manager admin (1Password / Bitwarden Business).
  • Working knowledge of ISO 27001 controls relevant to internal IT scope (A.5–A.9, A.11).
  • Comfortable writing security policies and SOPs in plain Bahasa Indonesia and English.
  • Calm in incident response — SOC ticket triage, not panic-mode escalation.

Nilai tambah

  • SOC 2 audit experience.
  • Phishing simulation tooling (KnowBe4, Hoxhunt).
  • Indonesian company experience under POJK / OJK regulatory guidance.
  • Light scripting (Python or shell) for IT automation.

Tolok ukur sukses dalam 90 hari

  • SaaS inventory documented with an owner per app; orphan accounts removed.
  • SSO enforced on every SaaS that supports it.
  • Employee security-training cycle kicked off — phishing baseline measured plus first formal training round.

Cara melamar

Kirimkan CV beserta catatan singkat (Bahasa Inggris atau Bahasa Indonesia) yang menjelaskan dua tanggung jawab pertama yang akan Anda kerjakan dan alasannya. Kami membaca setiap lamaran dan membalas dalam 7 hari.

Lamar → [email protected]