Cloud Security Engineer

Location: Jakarta, Indonesia

About Terralogiq: Pioneering Geospatial Intelligence and Cloud Innovation in Asia

Join Terralogiq, a leading Google Cloud Premier Partner in Asia, and be part of a team that is redefining what&aposs possible with technology. Established in 2013, PT Terralogiq Integrasi Solusi is the market leader in Indonesia for location intelligence, geospatial solutions, and cloud services. As part of a global technology family with over 16 years of experience, we combine the agility and local expertise of a market leader with the resources and stability of a global enterprise.

Our mission is to empower businesses to thrive in the digital age. We are the first and only Google Maps Premier Partner in Indonesia, and our expertise in Google Cloud has enabled over 250 clientsfrom innovative startups to major state-owned enterprisesto transform their operations. We build solutions that matter, powering everything from nationwide logistics to smart city applications and disaster management platforms. At Terralogiq, you wont just be building infrastructure; you&aposll be engineering the future of digital Indonesia.

The Opportunity: Secure a Landmark Cloud Transformation

We are seeking an experienced Cloud Security Engineer to be a critical part of a landmark engagement: the end-to-end migration of a major enterprise client&aposs entire on-premises infrastructure to the Google Cloud Platform (GCP). This is a pivotal role where you will be the subject matter expert responsible for embedding security into every phase of the cloud transformation journey.

As the ideal candidate, you are a hands-on security professional dedicated to protecting cloud environments from the ground up. You will design and implement a robust security posture for the new GCP environment, leveraging cutting-edge Google security technologies to defend against modern threats. This is a unique opportunity to apply your expertise on a large-scale project, ensuring that a major enterprise&aposs cloud foundation is built on the principles of security, resilience, and compliance from day one.

Your Impact: Core Responsibilities

Cloud Security Architecture & Implementation

Design and implement a secure cloud foundation on GCP, including secure network architectures (VPCs, firewall rules, Cloud Armor), and data protection strategies.

Develop and enforce robust Identity and Access Management (IAM) policies, applying the principle of least privilege for all cloud resources.

Collaborate with infrastructure and application teams to integrate security controls throughout the migration lifecycle, ensuring a DevSecOps approach.

Automate the deployment of security controls and policies using Infrastructure as Code (IaC) techniques, primarily with Terraform.

Security Posture & Vulnerability Management

Utilize Google Security Command Center (SCC) as the central platform for visibility into assets, vulnerabilities, and misconfigurations across the GCP environment.

Continuously monitor the cloud environment using SCC&aposs Security Health Analytics to identify and remediate security risks, such as overly permissive IAM roles, public storage buckets, and open firewall ports.

Manage and report on compliance with industry benchmarks (e.g., CIS, NIST), using SCC to track violations and guide remediation efforts.

Threat Detection & Incident Response (SecOps)

Implement and operate Google SecOps (formerly Chronicle) to ingest, analyze, and correlate security telemetry from across the cloud and on-premises environments.

Develop and tune detection rules within the SIEM to identify active threats, malicious activity, and anomalies in real-time.

Lead incident response activities for cloud security events, from initial investigation and containment to remediation and reporting, leveraging SOAR capabilities to automate response playbooks.

Conduct proactive threat hunting exercises by querying logs and leveraging Google&aposs threat intelligence to uncover hidden threats.

Foundational Skills: Required Qualifications (Must-Haves)

3+ years of experience in a cybersecurity role, such as Security Engineer, SOC Analyst, or a similar position, with a strong preference for cloud-focused experience.

Hands-on experience designing, implementing, and managing security controls on a major cloud platform, with a strong preference for Google Cloud Platform (GCP).

Practical experience with Google Security Command Center (SCC) for posture management, vulnerability scanning, and compliance monitoring.

Familiarity with Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) concepts and tools.

Solid understanding of core security domains, including network security (firewalls, VPCs, segmentation), identity and access management (IAM), and data encryption.

Experience with scripting languages (e.g., Python, Bash) for security automation.

Excellent problem-solving skills and the ability to perform effectively in a client-facing role.

Differentiating Expertise: Preferred Qualifications (Nice-to-Haves)

Google Cloud Professional Cloud Security Engineer certification.

Hands-on experience with Google SecOps (Chronicle SIEM/SOAR).

Experience with Infrastructure as Code (IaC) tools, particularly Terraform, for managing security configurations.

Knowledge of container security principles (Docker, Kubernetes/GKE).

Experience with incident response procedures and familiarity with frameworks like MITRE ATT&CK.