Cloud Security Engineer

Stockbit
Full_time

📍 Job Overview

  • Job Title: Cloud Security Engineer
  • Company: Stockbit
  • Location: Jakarta, Jakarta, Indonesia
  • Job Type: Hybrid (On-site & Remote)
  • Category: DevOps & Infrastructure
  • Date Posted: July 10, 2025
  • Experience Level: Mid-Level (2-5 years)

🚀 Role Summary

  • Secure Cloud Infrastructure: Design, implement, and maintain secure cloud architecture tailored to fintech needs, protecting sensitive financial data.
  • Collaborative Security: Work closely with DevOps, backend, and compliance teams to ensure security by design and educate internal teams on best practices.
  • Incident Response: Investigate and respond to security incidents, leading mitigation efforts to protect the platform and users.
  • Compliance & Audits: Define and enforce cloud security policies, conduct regular audits, and ensure compliance with industry standards.

📝 Enhancement Note: This role requires a strong focus on cloud security, with a deep understanding of cloud platforms and their security features. Familiarity with data protection regulations and security frameworks in fintech is crucial for success in this role.

💻 Primary Responsibilities

  • Architecture & Configuration: Design and implement secure cloud architecture, configure and harden cloud services, and develop threat detection and response systems.
  • Audits & Compliance: Conduct regular cloud security audits, penetration tests, and access reviews, ensuring compliance with industry standards.
  • Collaboration & Education: Collaborate with various teams to ensure security by design, educate internal teams on cloud security best practices, and lead incident response efforts.
  • Policy & Procedure: Define and enforce cloud security policies, and maintain up-to-date knowledge of emerging threats and security trends.

📝 Enhancement Note: This role requires a proactive approach to security, with a focus on preventing and mitigating potential threats. Strong communication skills are essential for collaborating with various teams and educating internal stakeholders on security best practices.

🎓 Skills & Qualifications

Education: A bachelor's degree in Computer Science, Information Technology, or a related field. Relevant certifications are a plus.

Experience: Minimum 3 years of experience in Cloud Security, Security Engineering, or a related role.

Required Skills:

  • Strong understanding of cloud platforms (especially AWS or GCP) and their security features.
  • Experience with container and infrastructure security (e.g., Docker, Kubernetes, Terraform, CloudFormation).
  • Solid knowledge of security principles like zero trust, least privilege, threat modeling, and network segmentation.
  • Hands-on experience with SIEM tools, log monitoring, and vulnerability scanners.
  • Familiarity with data protection regulations and security frameworks in fintech (e.g., OJK, ISO 27001, GDPR).

Preferred Skills:

  • Security certifications such as AWS Certified Security – Specialty, GCP Professional Cloud Security Engineer, CISSP, CEH, or CISM.
  • Experience in SOC operations or incident response.
  • Proficiency in scripting languages for security automation (e.g., Python, Bash).

📝 Enhancement Note: While not required, relevant security certifications and experience in SOC operations or incident response can significantly enhance an applicant's competitiveness for this role.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • Case studies demonstrating secure cloud architecture design and implementation.
  • Examples of threat detection and response systems developed and maintained.
  • Documentation showcasing security audits, penetration tests, and access reviews conducted.
  • Evidence of incident response and mitigation efforts led.

Technical Documentation:

  • Detailed technical documentation outlining cloud security architecture, configuration, and hardening processes.
  • Step-by-step guides for threat detection and response systems, including setup, maintenance, and troubleshooting.
  • Records of security audits, penetration tests, and access reviews conducted, with recommendations for improvement.
  • Incident response plans and post-incident analysis reports.

📝 Enhancement Note: A strong portfolio for this role should demonstrate a candidate's ability to design, implement, and maintain secure cloud infrastructure, as well as their experience in incident response and compliance. Clear and concise technical documentation is essential for showcasing a candidate's expertise and attention to detail.

💵 Compensation & Benefits

Salary Range: The estimated salary range for a mid-level Cloud Security Engineer in Jakarta, Indonesia, is IDR 20,000,000 - 30,000,000 per year (USD 1,370 - 2,050). This estimate is based on regional market research and industry standards for similar roles.

Benefits:

  • Health Insurance Benefits
  • Well Being and Counseling Program
  • Self Development Program
  • Capital Market Sharing Session

Working Hours: Full-time position with standard working hours, with flexibility for incident response and maintenance windows as needed.

📝 Enhancement Note: While the salary range provided is an estimate, candidates are encouraged to research regional salary standards and cost of living to ensure the compensation package meets their expectations.

🎯 Team & Company Context

🏢 Company Culture

Industry: Fintech – Stockbit is a leading online investment platform, focusing on providing users with access to capital markets and investment products.

Company Size: Medium-sized company with a growing team of over 100 employees, offering a dynamic and collaborative work environment.

Founded: 2014 – Stockbit has established itself as a trusted and innovative player in the Indonesian fintech industry.

Team Structure:

  • Cross-functional teams, including DevOps, Backend, Compliance, and Security.
  • Flat hierarchy with a focus on agile decision-making and collaboration.
  • Strong emphasis on knowledge-sharing and continuous learning.

Development Methodology:

  • Agile/Scrum methodologies with bi-weekly sprint planning.
  • Code reviews, testing, and quality assurance practices.
  • CI/CD pipelines and automated deployment strategies.

Company Website: Stockbit

📝 Enhancement Note: Stockbit's company culture emphasizes collaboration, innovation, and continuous learning, making it an ideal environment for a Cloud Security Engineer looking to grow and make a significant impact.

📈 Career & Growth Analysis

Web Technology Career Level: Mid-Level – This role offers an opportunity to grow as a Cloud Security Engineer, with a focus on designing, implementing, and maintaining secure cloud infrastructure in a fast-paced, highly regulated fintech environment.

Reporting Structure: This role reports directly to the Head of Security and collaborates closely with DevOps, Backend, and Compliance teams.

Technical Impact: The Cloud Security Engineer plays a critical role in maintaining secure systems that users and investors can trust, ensuring the protection of sensitive financial data and the overall security of the platform.

Growth Opportunities:

  • Technical leadership opportunities in the security team, with a focus on architecture and strategy.
  • Career progression paths into senior security roles or specialized security domains (e.g., threat intelligence, incident response).
  • Opportunities to work on high-impact projects and contribute to the company's growth and success.

📝 Enhancement Note: This role offers significant growth opportunities for a motivated Cloud Security Engineer looking to advance their career in a dynamic and challenging fintech environment.

🌐 Work Environment

Office Type: Hybrid – A combination of on-site and remote work, with a focus on collaboration and flexibility.

Office Location(s): Jakarta, Indonesia – Stockbit's headquarters is located in the heart of Jakarta, offering easy access to public transportation and amenities.

Workspace Context:

  • Modern, collaborative workspace designed to facilitate team interaction and knowledge-sharing.
  • Multiple monitors and testing devices available to support secure cloud infrastructure development and maintenance.
  • Cross-functional collaboration opportunities with DevOps, Backend, and Compliance teams.

Work Schedule: Standard working hours with flexibility for incident response and maintenance windows as needed.

📝 Enhancement Note: Stockbit's hybrid work environment offers a balance between on-site collaboration and remote flexibility, allowing Cloud Security Engineers to maintain a healthy work-life balance while ensuring the security of the platform.

📄 Application & Technical Interview Process

Interview Process:

  1. Technical Phone Screen: A 30-minute phone or video call to assess technical skills and cultural fit.
  2. Technical Deep Dive: A 60-minute technical interview focused on cloud security architecture, configuration, and incident response.
  3. Behavioral & Cultural Fit: A 30-minute interview to evaluate problem-solving skills, communication, and cultural fit.
  4. Final Decision: A final decision based on the candidate's technical skills, cultural fit, and alignment with the company's values.

Portfolio Review Tips:

  • Highlight case studies demonstrating secure cloud architecture design and implementation.
  • Showcase threat detection and response systems developed and maintained.
  • Provide evidence of incident response and mitigation efforts led.
  • Include clear and concise technical documentation outlining cloud security architecture, configuration, and hardening processes.

Technical Challenge Preparation:

  • Brush up on cloud security principles, including zero trust, least privilege, threat modeling, and network segmentation.
  • Familiarize yourself with cloud platforms (especially AWS or GCP) and their security features.
  • Prepare for incident response scenarios and demonstrate your ability to lead mitigation efforts.

ATS Keywords:

  • Cloud Security
  • Security Engineering
  • AWS
  • GCP
  • Azure
  • IAM
  • VPCs
  • KMS
  • Firewalls
  • Storage
  • SIEM
  • IDS/IPS
  • Threat Modeling
  • Network Segmentation
  • Container Security
  • Scripting
  • OJK
  • ISO 27001
  • GDPR
  • Incident Response
  • Compliance
  • Penetration Testing
  • Access Reviews

📝 Enhancement Note: The interview process for this role is designed to assess a candidate's technical skills, problem-solving abilities, and cultural fit. A strong portfolio and thorough preparation for technical challenges will significantly enhance an applicant's competitiveness.

🛠 Technology Stack & Web Infrastructure

Cloud Platforms:

  • AWS (Amazon Web Services)
  • GCP (Google Cloud Platform)
  • Azure (Microsoft Azure)

Cloud Services:

  • IAM (Identity and Access Management)
  • VPCs (Virtual Private Clouds)
  • KMS (Key Management Service)
  • Firewalls
  • Storage (S3, GCS, Azure Blob Storage)

Security Tools:

  • SIEM (Security Information and Event Management) tools (e.g., Splunk, ELK Stack, IBM QRadar)
  • Log monitoring and analysis tools (e.g., Logz.io, Datadog, New Relic)
  • Vulnerability scanners (e.g., Nessus, OpenVAS, Nexpose)

Scripting Languages:

  • Python
  • Bash
  • PowerShell

📝 Enhancement Note: Familiarity with these cloud platforms, services, and security tools is essential for success in this role. Candidates are encouraged to demonstrate their proficiency with these technologies in their portfolio and technical interviews.

👥 Team Culture & Values

Web Development Values:

  • Security First: Prioritize the security of the platform and user data in all aspects of cloud architecture and configuration.
  • Collaboration & Communication: Work closely with cross-functional teams to ensure security by design and maintain open lines of communication.
  • Continuous Learning: Stay up-to-date with emerging threats, security trends, and best practices in cloud security.
  • Proactive & Resilient: Anticipate potential threats and be prepared to respond to incidents quickly and effectively.

Collaboration Style:

  • Cross-Functional Collaboration: Work closely with DevOps, Backend, and Compliance teams to ensure security by design and maintain a secure development lifecycle.
  • Knowledge-Sharing: Participate in regular security team meetings and company-wide knowledge-sharing sessions to stay informed and share your expertise.
  • Mentoring & Coaching: Provide guidance and support to junior team members and help them develop their cloud security skills.

📝 Enhancement Note: Stockbit's team culture emphasizes collaboration, continuous learning, and a proactive approach to security. Candidates who embody these values and are passionate about cloud security will thrive in this environment.

⚡ Challenges & Growth Opportunities

Technical Challenges:

  • Cloud Security Architecture: Design and implement secure cloud architecture tailored to fintech needs, ensuring the protection of sensitive financial data.
  • Incident Response: Investigate and respond to security incidents, leading mitigation efforts to protect the platform and users.
  • Compliance & Audits: Define and enforce cloud security policies, conduct regular audits, and ensure compliance with industry standards.
  • Emerging Threats: Stay up-to-date with emerging threats and security trends, and adapt cloud security strategies to address new challenges.

Learning & Development Opportunities:

  • Security Certifications: Pursue relevant security certifications (e.g., AWS Certified Security – Specialty, GCP Professional Cloud Security Engineer, CISSP, CEH, or CISM) to enhance your expertise and career prospects.
  • Conferences & Events: Attend cloud security conferences and events to network with industry professionals and stay informed about emerging trends and best practices.
  • Mentoring & Coaching: Seek mentorship from experienced cloud security professionals and provide guidance to junior team members to develop their skills and advance their careers.

📝 Enhancement Note: This role presents significant technical challenges and growth opportunities for a motivated Cloud Security Engineer looking to make a real impact in a dynamic and highly regulated fintech environment.

💡 Interview Preparation

Technical Questions:

  • Cloud Security Architecture: Describe your approach to designing and implementing secure cloud architecture tailored to fintech needs. How do you ensure the protection of sensitive financial data in the cloud?
  • Incident Response: Walk us through your process for investigating and responding to security incidents. How do you prioritize and mitigate potential threats to the platform and users?
  • Compliance & Audits: Explain your approach to defining and enforcing cloud security policies, conducting regular audits, and ensuring compliance with industry standards. How do you stay up-to-date with emerging threats and security trends?

Company & Culture Questions:

  • Team Collaboration: Describe your experience working with cross-functional teams to ensure security by design. How do you maintain open lines of communication and facilitate knowledge-sharing?
  • Continuous Learning: How do you stay up-to-date with emerging threats, security trends, and best practices in cloud security? What resources and strategies do you use to maintain your expertise?
  • Proactive & Resilient: Can you provide an example of a time when you proactively identified and mitigated a potential security threat? How did you approach the situation, and what was the outcome?

Portfolio Presentation Strategy:

  • Architecture & Configuration: Highlight your experience designing and implementing secure cloud architecture, with a focus on protecting sensitive financial data in the cloud.
  • Incident Response: Showcase your incident response skills and provide evidence of successful mitigation efforts led.
  • Compliance & Audits: Demonstrate your ability to define and enforce cloud security policies, conduct regular audits, and ensure compliance with industry standards.

📝 Enhancement Note: Thorough preparation for technical and company-specific questions, as well as a well-structured portfolio presentation, will significantly enhance an applicant's competitiveness for this role.

📌 Application Steps

To apply for this Cloud Security Engineer position:

  1. Tailor Your Resume: Highlight your cloud security experience, technical skills, and relevant certifications. Include specific examples of your incident response and compliance experience.
  2. Prepare Your Portfolio: Showcase your cloud security architecture design and implementation, incident response, and compliance experience. Include clear and concise technical documentation outlining your approach to cloud security.
  3. Research the Company: Familiarize yourself with Stockbit's company culture, values, and security challenges. Prepare thoughtful questions to ask during the interview process.
  4. Practice Technical Challenges: Brush up on your cloud security knowledge, focusing on architecture, incident response, and compliance. Prepare for technical challenges related to cloud security architecture, incident response, and compliance.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and cloud security industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

Application Requirements

Minimum 3 years of experience in Cloud Security or a related role is required, along with a strong understanding of cloud platforms and their security features. Familiarity with data protection regulations and security frameworks in fintech is also essential.