Kredivo is hiring a Senior Cloud Infrastructure Security Engineer in the Jakarta Office. This position will report to the Cloud Infrastructure Security Manager and will be accountable for strengthening the security posture of our cloud infrastructure across AWS and GCP.

In this role, you will be responsible for implementing, and continuously improving cloud security controls, guardrails, and governance mechanisms to ensure secure-by-default cloud infrastructure. You will work closely with Infrastructure Platform and Infrastructure Operations teams to embed security into infrastructure automation, identity management, networking, and data protection practices.

In addition, you will help enhance threat detection and monitoring capabilities, improve security visibility across cloud environments, and drive remediation initiatives to reduce risk and ensure compliance with internal and regulatory standards. You will play a key role in advancing our cloud security maturity through automation, proactive risk assessment, and continuous improvement.

About the job:

• Be a subject matter expert for the team in terms of cloud infrastructure security
• Design and configure cloud infrastructure architecture across multi-cloud environments
• Establish detection, monitoring, correction, and preventive control around cloud infrastructure security best practices
• Establish trackable security remediation process around cloud infrastructure
• Participate in incident response and root cause analysis
• Gatekeeping the cloud security posture score in AWS Security Hub and GCP Security Command Center and contribute in how to improve

About you:

• Min. 3 years of experience in Cloud/Infrastructure Engineering with exposure in security
• Solid understanding, proficient in architecting and securing multi-account AWS environments and GCP projects
• Solid understanding in IAM policy concepts, least privileges access, MFA, VPC Service Controls, Guardrails
• Determined, has the confident in taking ownership of cloud infrastructure security tasks
• Hands on with Infrastructure-as-Code, preferably Terraform
• Ability to design security observability dashboards and metrics
• Knowledge of securing containerized workloads and orchestration platforms such Docker and Kubernetes (GKE/EKS)
• Knowledge of SQL and data validation are preferred
• Knowledge of global security standards and compliance frameworks (CIS Benchmarks, NIST 800-53, or ISO 27001)
  
  #LI-RR1