Bachelor's degree (S1) in Information Technology or a related field.
Minimum 2–5 years of experience as a Security Analyst or in a similar role.
Proven experience handling security requirements for digital banking channels such as Mobile Banking, Internet Banking, and Business Internet Banking.
Hands-on experience in Penetration Testing and Vulnerability Assessment, particularly for e-channel platforms (MB, IB, IBB, ATM, CMS, EDC, etc.), with a strong understanding of findings and mitigation standards.
Strong knowledge of various security layers including root and jailbreak detection, SSL pinning, code obfuscation, emulator detection, encryption, API and secret key management, authentication tokens, 2FA, credentials, HSM, code signing, payload signing, payload encryption, and rate limiting.
Good understanding of IT security standards such as ISO 27001, NIST, CIS Benchmark, and internal security policies.
Familiarity with project management, SDLC, and experience handling security-related projects.
Experience working with Fraud Detection Systems and analyzing fraud cases.
Up-to-date knowledge of cybersecurity trends, threats, and attack patterns.
Relevant security certifications (e.g., Certified Mobile Application Security Expert – CMASE or equivalent) are preferred.
Strong analytical thinking, problem-solving skills, and decision-making capability.
Good communication and collaboration skills, with the ability to work effectively across teams.
Job Description:
Manage and oversee security aspects of e-channel application projects (Mobile Banking, Internet Banking, ATM, CMS, EDC, etc.) across all SDLC phases, including BRD, FSD, development, SIT, UAT, penetration testing, vulnerability assessment, and go-live.
Conduct and coordinate annual penetration testing activities in collaboration with IT Security teams and external vendors.
Support audit, review, and regulatory compliance activities related to security aspects in e-channel systems.
Analyze fraud cases and anomalies from Fraud Detection Systems in collaboration with relevant teams such as Anti-Fraud Management and IT Security.
Review and assess new security requirements from internal policies, regulatory bodies (OJK, BI), QA, and platform providers such as App Store and Play Store.
Monitor and analyze security threats using SLA reports and security monitoring tools.
Provide support for all IT Security-related activities and initiatives related to e-channel systems.
Prepare and maintain documentation required for security certifications such as ISO and other compliance assessments.
Review source code analysis results provided by vendors to ensure compliance with security standards.
Investigate and handle production issues, including analyzing their potential impact on system security.
Monitor updates of security libraries and ensure proper implementation within ongoing and future projects.