Security Engineer

Company DescriptionYOUR! (formerly Yourpay) is a neobank focused on empowering and transforming the lives of underbanked mothers and families in rural areas of Indonesia. Our goal is to provide secure, affordable, and user-friendly financial services to Indonesian migrant workers around the world. We offer a comprehensive platform for payments, transfers, lending, and savings, allowing users to access five pillars of financial transactions: payment, lending, insurance, investment, and saving. To date, we have served over 2 million transactions for more than 60,000 active users in Indonesia, Taiwan, Hong Kong, Singapore, and soon Malaysia and Saudi Arabia. Join us in revolutionizing financial inclusion and making a positive impact on communities.Role DescriptionWe are seeking a Security Engineer to build and strengthen the security foundation of our fintech platform. You will design and implement security controls, monitor and respond to threats, and ensure compliance with OJK, Bank Indonesia, and PDP Law requirements. As our first dedicated security hire, you will work closely with engineering, infrastructure, and IT GRC teams to embed security best practices, protect sensitive data, and foster a security-first culture.ResponsibilitiesDesign, implement, and manage security controls across applications, infrastructure, and cloud environments.Monitor, detect, and respond to security incidents, including performing root cause analysis and remediation.Conduct vulnerability assessments, penetration testing, and security reviews on systems and applications.Work with engineering teams to integrate security best practices into SDLC, CI/CD, and infrastructure deployments.Ensure compliance with regulatory requirements (OJK, Bank Indonesia, PDP Law, ISO 27001, PCI DSS).Manage identity and access management (IAM), endpoint protection, and data protection measures.Develop and maintain security policies, standards, and procedures.Provide security awareness training and guidance to employees.Collaborate with IT GRC and Infrastructure teams on risk management, audits, and incident response.Evaluate and implement new security tools, technologies, and frameworks to strengthen defensesRequirementsStrong knowledge of network security, cloud security (AWS/GCP/Azure), and endpoint protection.Experience with security frameworks and standards: ISO 27001, NIST CSF, CIS Controls, OWASP Top 10.Hands-on experience with SIEM, IDS/IPS, vulnerability scanners, and endpoint security solutions.Understanding of secure coding practices, API security, and encryption methods.Familiarity with regulatory compliance in Indonesia (OJK, Bank Indonesia, PDP Law) is a plus.Relevant certifications preferred: CEH, OSCP, CISSP, or CompTIA Security+.Strong problem-solving skills, analytical mindset, and ability to work in a fast-paced environment.Excellent communication and collaboration skills to partner with cross-functional teams.Please submit your CV to recruitment@yourpay.co.id with email SUBJECT: Security Engineer - Name