Moladin is Indonesia’s leading mobility fintech platform with end to end financing solutions for all players in the used car and EV ecosystem. Moladin empowers its rapidly growing network of more than 26,000 active used car agents and dealer MSMEs, and provides used car consumers with better financing access through digitized loan underwriting. This is supported by its strong used car capabilities with branches and warehouses covering more than 100 cities, industry-leading AI / IoT and partnerships with all top auto financing companies across Indonesia, and also through its OJK-regulated multi-finance company PT Moladin Finance Indonesia. Moladin’s vision is to be a positive driving force in the physical and social mobility of all the people it touches (“Mobility for all”). Develop and oversee key performance indicators (KPIs) for security. Oversee service level agreements (SLAs) for security operations and create risk-based dashboards for reporting. Create and implement a comprehensive vulnerability management program, including managing activities related to vulnerability assessment (VA) and penetration testing (PT). Develop and implement security programs for network, server, and cloud environments, including onboarding processes and pre - and post-scanning activities. Conduct periodic configuration reviews based on CIS benchmarks. Collaborate in managing the endpoint security, network security, and server security programs. Collaborate in managing the overall security operations management program. At least 3-5 years of documented work experience in security engineering. Prior practical knowledge of web, mobile, and cloud security. Hands-on experience in constructing and maintaining security measures such as firewalls, intrusion detection systems, antivirus software, authentication systems, content filtering, etc. Thorough understanding of IT infrastructure concepts across all layers, including Servers, Networks, End User Computing, and Cloud. Experience in designing and implementing risk-based information security programs. Hands-on experience in implementing standards such as ISO 27001, NIST, CIS, or equivalent. Hands-on experience in designing, implementing, and managing Data Leak Prevention programs. Experience in utilizing anti-malware solutions. Experience in designing security programs for cloud services, including IAAS, PAAS, and SAAS. Hands-on experience with native cloud security capabilities. Experience in implementing cloud security solutions like CASB. Excellent communication and presentation skills. Experience in collaborating with mid-level and senior-level management, with the ability to understand business processes and requirements. Understanding and effectively communicating security risks to core technology teams and business functions. **Preferred certifications**: CISSP, CCSP, CISM, ISO 270001 LI/LA.