Langsung ke konten utama
Kembali ke Lowongan

Security Engineer (Internal)

Lindungi infrastruktur cloud

Sebagai Security Engineer di Maze, Anda akan bertanggung jawab atas keamanan internal perusahaan, termasuk infrastruktur cloud, aplikasi, dan proses pengembangan. Anda akan bekerja secara mandiri untuk memastikan keamanan perusahaan dan membangun fondasi keamanan yang kuat. Perusahaan ini adalah startup yang berkembang di bidang kecerdasan buatan dan keamanan siber.

Kenapa Menarik?

Bergabung dengan Maze untuk membangun fondasi keamanan internal yang kuat dan menjadi bagian dari tim yang dinamis.

Tanggung Jawab Utama

  • Mengamankan infrastruktur cloud AWS
  • Mengembangkan keamanan aplikasi
  • Membangun tooling dan monitoring keamanan
  • Mengelola compliance dan kepatuhan

Persyaratan

  • Pengalaman sebagai security engineer
  • Pengetahuan tentang keamanan cloud dan aplikasi
  • Kemampuan untuk bekerja secara mandiri

Skills Wajib

security engineeringcloud securityapplication securitycompliance management

Konteks Indonesia

Overlap Jam Kerja:
Fleksibel — atur jam kerjamu sendiri
Lihat selisih gaji remote (USD) vs lokal →

Keywords

security engineercloud securityapplication securitycomplianceawsterraform
Lihat Deskripsi Asli dari Ashby Job Boards

Deskripsi asli dari Ashby Job Boards

Summary of the Role: As Security Engineer (Internal) at Maze, you'll own how we secure ourselves — our cloud, our applications, and the way our engineers build. This is a unique opportunity to join a well-funded Series A startup building at the intersection of generative AI and cybersecurity, establishing the internal security foundation that lets a three-product company keep moving fast as it scales. You'll take hands-on ownership of cloud infrastructure security, application security, security tooling, and the compliance work that unlocks enterprise deals. We're deliberately looking for a strong generalist rather than a narrow specialist: someone who can harden our AWS environment and identity model, get into the weeds on application security, and run a pragmatic compliance program — and who knows when a control is worth the friction and when it isn't. Your success will be measured by the robustness of our security posture, our readiness for enterprise customer requirements, and your ability to make secure the default path for engineering rather than a blocker. This role is perfect for a pragmatic, broad security engineer who has built and run security at a startup, thrives with autonomy, and wants to own a domain end-to-end. You'll be our founding internal security hire — but not a lone wolf for long: this is the first role in a function we expect to grow, and as we scale we'll add to the team and bring in dedicated security leadership. You'll set the foundations the rest of that team is built on, and have a clear runway to grow alongside it. YOUR CONTRIBUTIONS TO OUR JOURNEY: - Harden Our Cloud Infrastructure: Secure our AWS environment by design — identity and access management, hardening, network and infrastructure-as-code controls (Terraform) — closing real risk rather than chasing checkboxes - Own Application Security: Embed application security into how we build, from secure-by-default patterns and code review guidance to triaging and driving down vulnerabilities across our own products and services - Build Security Tooling and Monitoring: Stand up the monitoring, logging, and alerting that gives us visibility across infrastructure and applications, and serve as our first line of defence - Run Compliance Pragmatically: Lead readiness for SOC2, ISO27001, and similar frameworks — building the controls, documentation, and evidence that support enterprise sales without drowning the team in process - Establish Security Policies That Enable: Create practical security policies and procedures that keep standards high while letting the team move quickly — no security theatre - Automate Security Operations: Build security automation and tooling in code, using AI-assisted workflows to ship faster while keeping quality high - Manage Vendor and Supply-Chain Security: Assess third-party vendors and tools so our supply chain meets enterprise expectations - Enable Incident Response: Develop incident response plans and runbooks, and establish clear processes for detecting, responding to, and recovering from security incidents WHAT YOU NEED TO BE SUCCESSFUL: - Broad, Hands-On Security Engineering: 5+ years building and running security, with genuine breadth across cloud security and application security rather than depth in only one — comfortable being the person who covers the whole surface area - AWS Security Expertise: Deep, hands-on knowledge of AWS security — IAM, hardening, and AWS-native security tooling — with the judgement to prioritise what matters - Application Security Capability: Real experience finding and fixing application-layer vulnerabilities, and embedding secure development practices into engineering workflows - Infrastructure as Code Proficiency: Strong experience managing security controls programmatically with Terraform, building secure, scalable infrastructure through code - Coding and Scripting Skills: Proficiency in Python, Bash, or similar for security automation, custom tooling, and integrating security into development workflows - Compliance and GRC Know-How: Practical experience translating SOC2, ISO27001, or similar requirements into technical controls — without letting process become the product - Pragmatic Security Mindset: A track record of balancing security rigour with business velocity, implementing controls that enable engineering rather than block it - Startup Self-Direction: Proven ability to operate autonomously as an early security hire, prioritise ruthlessly, and build without extensive oversight — and to thrive in the ambiguity of an early-stage company - Foundation-Setter: Mindset to build security in a way others can build on as the team grows — clear documentation, repeatable processes, and standards a future team and security leadership inherit cleanly - Nice to haves: - Experience building security programs at early-stage startups (seed through Series B) - Background in DevOps or SRE that grew into security engineering - Familiarity with container security (Docker, Kubernetes) - Experience at a cybersecurity product company - A bias toward building vs buying security tooling under startup constraints - AI-assisted security workflow experience WHY JOIN US: - Ambitious Challenge: We're building at the intersection of generative AI (LLMs and agents) and cybersecurity — and you'll secure the company doing it, across cloud and application security. - Build Security from Zero: Own the internal security function from day one, establishing the architecture, tooling, and practices that scale Maze through hypergrowth — then help grow the team and function around you as we scale. - Expert Team: Work alongside a CTO and engineering team with deep experience in AI and cybersecurity — hands-on leaders who have been part of multiple acquisitions and an IPO — giving you strong technical partnership while you own security. - Impactful Work: Cybersecurity is a force for good. Your work directly enables AI-powered security solutions that protect organisations worldwide — making security an enabler of innovation, not a blocker. - Build an AI-native Company: Join early enough to design everything from the ground up, with significant equity upside and a clear path to grow as our security organisation matures.

Lamar gratis

Akun gratis · tanpa kartu kredit · Masuk

Pro Rp39rb/bln · lamar tanpa batas + resume AI

Lihat 5 lowongan serupa →

Terbuka untuk Indonesia
Perusahaan
Maze
Sumber
Ashby Job Boards
Tipe Pekerjaan
full time
Lokasi
Remote · Open worldwide
Kategori
Level
senior
DipostingFresh
26 Jun 2026

Bagikan lowongan ini

Bantu temanmu nemu kerja remote berikutnya.

Data & laporan pasar

Riset gaji & permintaan skill dari data lowongan kami sendiri.

Lamar gratis

Akun gratis · tanpa kartu kredit · Masuk

Pro Rp39rb/bln · lamar tanpa batas + resume AI