SOC Analyst at Xendit
South Jakarta, ID
Measure and protect what matters - SOC @SECaaS
Xendit is an Indonesian fintech company that provides payment infrastructure across Indonesia. Xendit processes payments, runs marketplaces, disburses payroll and loans, detects fraud and helps other businesses grow exponentially. We serve these companies by providing a suite of world-class APIs and a dashboard UI that simplifies processes.
Our main focus is to build the most advanced payment rails for Indonesia, with a clear goal in mind — to make payments in Indonesia simple, secure and easy for everyone. We currently serve local SMEs to some of Indonesia’s largest tech startups and also giant-sized businesses like Samsung. We process millions of transactions monthly, growing 25% month on month for the last 2 years. We are trusted and backed by some of the largest VCs in the world, and are alumni of the prestigious YCombinator (S15).
- Information Security division at Xendit comprises two major units -> x-SecOps and SECaaS. Security Operations Center is part of SECaaS, and operates as an SLA driven independent function.
- Functions of this role comprise - consolidating all parameters which could indicate security posture, real time monitoring alerts, daily reporting and remediation support.
- SECaaS is the independent security assessment team of Xendit, supporting agile security implementations via x-SecOps (DevSecOps and InfraSecOps)
Act like a communicating super-sensor of all sensors at Xendit to monitor Xendit and its contracted clients about risk exposure in it’s infrastructure, applications and processes, via timely tests and detailed reporting.
- Setup a comprehensive SOC Security Operation Center (SOC) environment.
- Responsible for 24x7 (moderated) SOC.
- Provide analysis and trending of security log data from a large number of heterogeneous security devices.
- Provide Incident Response (IR) support when analysis confirms actionable incident.
- Provide threat modelling, vulnerability analysis as well as security advisory services (in coordination with Red team).
- Analyze and respond to previously undisclosed software and hardware vulnerabilities (coming from Red team)
- Investigate, document, and report on information security issues on a daily basis (PCIDSS compliance).
- Business Continuity simulations
You may be a good fit if
- List anything that we think is essential or a strong indicator of success
- Experience: min 3-5 yrs or exceptional track record
- Education: BEngg Comp Sci or equivalent
- Skills: expert use of SIEM, use case modelling, fraud analysis
- Jobs: SOC analyst/specialist/lead
- Companies: DCs, large B2C/B2B operations, consultancies
- Achievements: Use case models that benefited the bottomline.
- You thrive on autonomy and have proven you can push towards a goal by yourself
- You communicate well across teams
- Bonus points if you can bring in network of security professionals
What we care about
- Solve for the customer first: You build what customers want. You think about what is right for customers, not what is easiest for you
- Demonstrate mastery of honey badgery: You make ambitious goals. Then execute…no matter what stands in the way. When knocked down, you get up
- Take on challenges willingly and can be trusted to execute: You can be trusted to get things done right the first time quickly. You hit your deadlines
- You’re like us: You smile a lot, think work is fun and don’t take yourself too seriously. You measure yourself against the best and believe feedback is the breakfast of champions. You follow the golden rule
- You’re remarkable: People naturally talk about how awesome you are. If we can’t find someone who raves about you then it’s unlikely we will too
- Growing 25% month on month: We are one of the fastest growing companies in Southeast Asia and have done so for the last two years. We process close to 1b USD annually in payments by providing simple APIs for payments on a modern tech stack
- YCombinator Batch S15: YC is the best incubator in the world, producing Airbnb and Dropbox; 120 companies out of 6,000 applications get in
- Funded by investors behind Facebook, Slack, Kaokao, Path, Twitch, Grab, Tokopedia