Overview
IT & Security Operations Engineer Jobs in Jakarta, Indonesia at Helicap
Title: IT & Security Operations Engineer
Company: Helicap
Location: Jakarta, Indonesia
About the Role
This is Helicap's founding IT function. There is no playbook yet — you will write it.
You will own the full stack of IT operations and security for a 35-person remote-capable team: from provisioning a new hire's access to designing the controls that satisfy MAS TRM guidelines. We are looking for someone who can identify the right tools for the job, implement them, and integrate them into a coherent security programme.
If you thrive in environments where you build from scratch, make independent tooling decisions, and can move between hands-on administration and strategic security thinking — this role is for you.
What You'll Own
Run — Day-to-day operations
● Administer Google Workspace, Jumpcloud (including MDM), Ironscales, Cloudflare Zero Trust, Slack, GitHub, and Dropbox
● Own end-to-end employee lifecycle: onboarding, access provisioning across all platforms, offboarding, and deprovisioning — integrated with BrioHR
● Maintain the IT asset inventory and endpoint management programme
● Handle IT support and issue resolution for a primarily non-technical team
Build — Programme and tooling
● Design and document a formal onboarding/offboarding process with automated access controls triggered from BrioHR
● Implement and manage endpoint detection and response across the device fleet
● Build and maintain a vendor registry with associated risk assessments
● Govern cloud and developer access in AWS and GitHub — IAM roles, access reviews, CloudTrail monitoring
● Identify, evaluate, and integrate tooling gaps across the security stack
● Own Helicap's MAS TRM compliance artefacts: access reviews, risk assessments, incident logs, and audit trail documentation
● Develop and maintain security policies, runbooks, and employee security guidelines
What We're Looking For
● 4–7 years of IT operations and/or security engineering experience, ideally at an SME or startup where you were the sole or lead IT function
● Hands-on experience with identity and access management platforms (Jumpcloud, Okta, Azure AD, or equivalent)
● Google Workspace and Slack administration
● Experience governing cloud access in AWS — IAM, CloudTrail, Security Hub
● Familiarity with zero-trust network access (Cloudflare Zero Trust or equivalent)
● Working knowledge of MAS TRM guidelines or a comparable fintech/financial services compliance framework
● Experience building or owning vendor risk management and IT asset tracking programmes
● Scripting or automation skills (Python, Bash, or similar) for provisioning workflows and tooling integration
● Strong documentation habits — you write runbooks, not tribal knowledge
● Comfortable making independent tooling recommendations and owning implementation end-to-end
Tools You'll Work With
Current stack
● Identity, access & MDM: Jumpcloud
● Email security: Ironscales
● Collaboration & file storage: Google Workspace, Slack, Dropbox
● Network access: Cloudflare Zero Trust
● Cloud infrastructure: AWS
● HR: BrioHR
● CRM: HubSpot
● Code & project management: GitHub, Linear
Gaps to evaluate and fill — your call on tooling
● Endpoint detection & response (EDR) — e.g. CrowdStrike, SentinelOne, Microsoft Defender
● IT ticketing / ITSM — e.g. Freshservice, Jira Service Management
● Privileged access management (PAM) — for elevated AWS and GitHub access
● Security awareness training — e.g. KnowBe4
● SIEM / log aggregation — e.g. Datadog Security, Elastic SIEM
● Data loss prevention (DLP) — across Google Workspace, Slack, and Dropbox
● Password manager — e.g. 1Password, Bitwarden
What We Offer
● Remote-first with flexibility across Singapore, India, and Malaysia
● Direct ownership of Helicap's IT and security function from day one
● A small, technical team that trusts you to make the right calls
Open to Proposals
We are also open to hearing from IT managed service providers, consultancies, or staffing agencies who can deliver this capability — whether as a direct placement or a managed service. If that's you, reach out with details of how you would approach the scope above.