工作职责
- Manage corporate SaaS subscriptions (Notion, Slack, Linear, Figma, GitHub, etc.) and license discipline.
- Operate the identity provider (Google Workspace / Okta / similar); enforce SAML or OIDC on every SaaS that supports it.
- Manage the employee laptop fleet — procurement, MDM enrollment (Jamf / Intune / Mosyle), baseline image, disk encryption, lost/stolen procedures.
- Own onboarding and offboarding access lifecycle in lockstep with the People / HR Operations Manager.
- Run quarterly access reviews and document control evidence for ISO 27001 internal-scope readiness.
- Run employee security training — phishing simulations, secure-coding briefs for engineers, data-handling for non-technical roles.
- Support employees on day-to-day IT issues with a tracked queue.
- Coordinate with the SRE on the boundary between corporate IT and production infrastructure.
任职要求
- 4+ years IT operations or corporate security at a tech company.
- Hands-on with at least two of: Okta / Google Workspace SAML, Microsoft Intune / Jamf / Mosyle, JumpCloud, password-manager admin (1Password / Bitwarden Business).
- Working knowledge of ISO 27001 controls relevant to internal IT scope (A.5–A.9, A.11).
- Comfortable writing security policies and SOPs in plain Bahasa Indonesia and English.
- Calm in incident response — SOC ticket triage, not panic-mode escalation.
加分项
- SOC 2 audit experience.
- Phishing simulation tooling (KnowBe4, Hoxhunt).
- Indonesian company experience under POJK / OJK regulatory guidance.
- Light scripting (Python or shell) for IT automation.
90 天内的成功标准
- SaaS inventory documented with an owner per app; orphan accounts removed.
- SSO enforced on every SaaS that supports it.
- Employee security-training cycle kicked off — phishing baseline measured plus first formal training round.