Senior Security Engineer (SDE 3)
Kredivo Group
We are looking for a Senior Security Engineer to join Kredivo Group’s Cyber Defense team. This role is designed for professionals who can bridge enterprise security engineering, threat hunting and incident response.
You will play a critical role in protecting our infrastructure, endpoints and applications from advanced threats, while also proactively hunting for malicious activity and leading IR efforts.
You’ll collaborate with IT, engineering and other security teams based in Indonesia & India to build, monitor and evolve security defenses, while staying ahead of adversaries through threat intelligence and detection engineering.
Responsibilities
Threat Hunting & Detections
- Continuous monitoring of both internal and external systems to detect threats, uncover vulnerabilities and ensure policy compliance.
- Conduct proactive hunts using SIEM data logs and threat intelligence sources.
- Correlate IOCs/TTPs with internal activity using SIEM, EDR and custom automation.
- Maintain and expand threat detection rules mapped to MITRE ATT&CK.
- Deploy, configure and monitor security tools (EDR, DLP, VMDR).
- Analyze dark web chatter, OSINT sources and intelligence platforms to identify emerging threats.
- Generate weekly/monthly hunting & intel reports with actionable recommendations.
Incident Response
- Lead incident response, perform forensics and log analysis to identify root causes.
- Support containment, eradication and remediation efforts with cross-functional teams.
- Develop security automations and workflows using scripting languages such as Python or Bash.
- Collaborate with the Threat Detection team to fine-tune alerts and improve detection coverage.
- Contribute to IR playbooks, runbooks and post-incident reviews.
Qualifications
- 4 to 7 years of experience in cybersecurity with exposure to enterprise security, threat hunting and incident response.
- Hands-on experience with security platforms such as EDR, DLP, Wazuh, Vulnerability Management and Cloudflare WAF.
- Good understanding of adversary tactics and related frameworks, including MITRE ATT&CK, TTPs and IOC handling.
- Working knowledge of scripting/automation (Python, Bash, PowerShell).
- Knowledge of forensic techniques, log analysis, and security monitoring platforms.
- Strong grasp of enterprise IT & SaaS security (GSuite, VPNs, cloud security, IAM).
- Preferred certifications: Security+, CCNA/P, GIAC (GCIA/GCTI/GCIH) or equivalent.
- Experience in Fintech or financial services is a plus.
Behavioral & Soft Skills
- Ownership mindset: can lead initiatives independently with minimal supervision.
- Strong analytical and problem-solving skills in high-pressure situations.
- Excellent communicator, able to explain technical security concepts to technical and non-technical stakeholders.
- Team player who collaborates effectively across IT, engineering and security.
- Passionate about continuous learning, automation and staying current with the threat landscape.