Cloud Security Engineer

Ajaib

Cloud Security Engineer at Ajaib responsible for detecting and responding to security incidents and maintaining infrastructure integrity. Leveraging automation and incident response methodologies within cloud environments.

Posted 5/5/2026full-timeJakarta • 🇮🇩 IndonesiaMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

AWSCloudFlashGoogle Cloud PlatformPython

About the role

Key responsibilities & impact

Monitoring & Triage: Lead 24x7 monitoring and triage of security alerts across SIEM (Wazuh), EDR (CrowdStrike), DLP and cloud environments.
Incident Lifecycle: Lead detection, triage, containment, and post-incident reviews for infrastructure and cloud-layer security events.
Core Metric Ownership: Drive the reduction of Mean Time to Detect (MTTD) through improved correlation and automated alerting.
Threat Hunting: Perform proactive threat hunting using MITRE ATT&CK techniques to identify advanced threats before they impact production.
Infrastructure-as-Code (IaC) Guardrails: Implement and monitor IaC guardrails with automated drift detection to prevent misconfigurations in GCP/AWS.
Standardized Golden Images: Partner with engineering to deploy immutable infrastructure through standardized "Golden Images" to eliminate manual server hardening.
SOAR & Response Playbooks: Build and manage automated SOAR (Security Orchestration, Automation, and Response) playbooks to reduce Mean Time to Respond (MTTR) and ensure instant containment of threats.
Inventory Discovery: Implement automated inventory discovery to ensure "if it isn't tagged, it doesn't run" within cloud environments.
DLP Governance.
EDR Administration: Fine-tune and manage CrowdStrike Falcon (Managed Service) and oversee the decommissioning of legacy EDR solutions (Symantec).
WAF Optimization: Manage and optimize Cloudflare WAF rules to protect application layers against DDoS and web attacks.
Teleport Governance: Manage secure infrastructure access through Teleport, moving away from legacy SSH/VPN access toward a Zero-Trust identity anchor.
Asset Monitoring: Monitor for threats targeting hot/cold storage systems and exchange infrastructure.
Identity Integrity: Enforce the "Identity Anchor" by ensuring all infrastructure access is anchored to the corporate IDP (Google Workspace/JumpCloud).

Requirements

What you’ll need

Experience: 3+ years in a SOC or Security Operations environment, preferably within Fintech or Digital Banking
SIEM/Logging: Proficiency in Wazuh (log ingestion, correlation, and dashboards) or any other SIEM tool and Google SCC.
EDR/WAF: Hands-on experience managing CrowdStrike Falcon and Cloudflare WAF.
Cloud Security: Practical experience with GCP or AWS security monitoring and IAM.
Incident Response: Mastery of the full incident lifecycle (Triage, Containment, Eradication, Lessons Learned).
Scripting: Proficiency in Python or Bash for automating response playbooks and custom security checks.
IaC Security: Basic knowledge of GCP or AWS for monitoring infrastructure drift.
Frameworks: Familiarity with MITRE ATT&CK.
Crypto Security: Basic understanding of blockchain fundamentals, wallet security, and DeFi-specific threats (e.g., flash loans, exchange exploits).
JumpCloud Integration: Experience integrating JumpCloud with infrastructure tools to enforce the "Kill Switch" during offboarding.

Benefits

Comp & perks

Join us as we make magic happen to increase Indonesia’s financial inclusion!

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SIEMWazuhEDRCrowdStrikeDLPGCPAWSPythonBashMITRE ATT&CK

Soft Skills

leadershipcommunicationincident responseproblem-solvingcollaboration