Overview

IT & Security Operations Engineer Jobs in Jakarta, Indonesia at Helicap

Title: IT & Security Operations Engineer

Company: Helicap

Location: Jakarta, Indonesia

About the Role

This is Helicap's founding IT function. There is no playbook yet — you will write it.

You will own the full stack of IT operations and security for a 35-person remote-capable team: from provisioning a new hire's access to designing the controls that satisfy MAS TRM guidelines. We are looking for someone who can identify the right tools for the job, implement them, and integrate them into a coherent security programme.

If you thrive in environments where you build from scratch, make independent tooling decisions, and can move between hands-on administration and strategic security thinking — this role is for you.

What You'll Own

Run — Day-to-day operations

● Administer Google Workspace, Jumpcloud (including MDM), Ironscales, Cloudflare Zero Trust, Slack, GitHub, and Dropbox

● Own end-to-end employee lifecycle: onboarding, access provisioning across all platforms, offboarding, and deprovisioning — integrated with BrioHR

● Maintain the IT asset inventory and endpoint management programme

● Handle IT support and issue resolution for a primarily non-technical team

Build — Programme and tooling

● Design and document a formal onboarding/offboarding process with automated access controls triggered from BrioHR

● Implement and manage endpoint detection and response across the device fleet

● Build and maintain a vendor registry with associated risk assessments

● Govern cloud and developer access in AWS and GitHub — IAM roles, access reviews, CloudTrail monitoring

● Identify, evaluate, and integrate tooling gaps across the security stack

● Own Helicap's MAS TRM compliance artefacts: access reviews, risk assessments, incident logs, and audit trail documentation

● Develop and maintain security policies, runbooks, and employee security guidelines

What We're Looking For

● 4–7 years of IT operations and/or security engineering experience, ideally at an SME or startup where you were the sole or lead IT function

● Hands-on experience with identity and access management platforms (Jumpcloud, Okta, Azure AD, or equivalent)

● Google Workspace and Slack administration

● Experience governing cloud access in AWS — IAM, CloudTrail, Security Hub

● Familiarity with zero-trust network access (Cloudflare Zero Trust or equivalent)

● Working knowledge of MAS TRM guidelines or a comparable fintech/financial services compliance framework

● Experience building or owning vendor risk management and IT asset tracking programmes

● Scripting or automation skills (Python, Bash, or similar) for provisioning workflows and tooling integration

● Strong documentation habits — you write runbooks, not tribal knowledge

● Comfortable making independent tooling recommendations and owning implementation end-to-end

Tools You'll Work With

Current stack

● Identity, access & MDM: Jumpcloud

● Email security: Ironscales

● Collaboration & file storage: Google Workspace, Slack, Dropbox

● Network access: Cloudflare Zero Trust

● Cloud infrastructure: AWS

● HR: BrioHR

● CRM: HubSpot

● Code & project management: GitHub, Linear

Gaps to evaluate and fill — your call on tooling

● Endpoint detection & response (EDR) — e.g. CrowdStrike, SentinelOne, Microsoft Defender

● IT ticketing / ITSM — e.g. Freshservice, Jira Service Management

● Privileged access management (PAM) — for elevated AWS and GitHub access

● Security awareness training — e.g. KnowBe4

● SIEM / log aggregation — e.g. Datadog Security, Elastic SIEM

● Data loss prevention (DLP) — across Google Workspace, Slack, and Dropbox

● Password manager — e.g. 1Password, Bitwarden

What We Offer

● Remote-first with flexibility across Singapore, India, and Malaysia

● Direct ownership of Helicap's IT and security function from day one

● A small, technical team that trusts you to make the right calls

Open to Proposals

We are also open to hearing from IT managed service providers, consultancies, or staffing agencies who can deliver this capability — whether as a direct placement or a managed service. If that's you, reach out with details of how you would approach the scope above.

Upload your CV/resume or any other relevant file. Max. file size: 800 MB.