Improving information security as a strategic advantage
Xendit is an Indonesian fintech company that provides payment infrastructure across Indonesia. Xendit processes payments, runs marketplaces, disburses payroll and loans, detects fraud and helps other businesses grow exponentially. We serve these companies by providing a suite of world-class APIs and a dashboard UI that simplifies processes.
Our main focus is to build the most advanced payment rails for Indonesia, with a clear goal in mind — to make payments in Indonesia simple, secure and easy for everyone. We currently serve local SMEs to some of Indonesia’s largest tech startups and also giant-sized businesses like Samsung. We process millions of transactions monthly, growing 25% month on month for the last 2 years. We are trusted and backed by some of the largest VCs in the world, who invested in Facebook, Slack, Twitch and Grab, and are alumni of the prestigious YCombinator (S15).
Act as the information security “ambassador” within the company to enable and maintain Xendit’s conformance to industry and regulatory requirements by pro-actively improving information security as a strategic advantage.
- Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives and new product release
- Provide consultative support to product team on the methods, practices and solutions that achieve the requirements defined by applicable compliance requirements
- Interface with internal and external auditors to represent how compliance and security controls are applied and can be demonstrated in existing or planned products
- Lead collaboration efforts within Xendit to define, execute, and track pre-audit preparation and audit tasks to meet year-round IT compliance goals
- Manage and understand the information security policies and procedures and coordinate the communication within Xendit
- Support the development and implementation of security awareness, training, and continuous security improvement efforts
- Assist on technical implementation as and when needed to meet the compliance deadline
- Do whatever it takes to make Xendit succeed
You may be a good fit if
- Bachelor's degree in Computer Science. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree.
- 4 - 6 years of relevant IT experience, with a minimum of 3 year experience focusing on information security
- Technical background and previous hands-on experience in software development or IT infrastructure
- You thrive on autonomy and have proven you can push towards a goal by yourself
- Creative and pragmatic problem solver, attentive to the urgent needs of the organization and not just the industry best practice
- Strong attention to detail, project management and organizational skills
- Exceptional verbal and written communication skills in English and Bahasa
- Successful track record on helping company to obtain or maintain international security standards such as PCI-DSS or ISO 27001
- Successful track record on helping company to obtain or maintain license from Bank Indonesia or OJK such as Payment Gateway Operator, Electronic Money or Money Remitter
- Bonus point if you are certified as CISA, ISO 27001 lead auditor, PCI ISA, or PCI QSA
What we care about
- Solve for the customer first: You build what customers want. You think about what is right for customers, not what is easiest for you
- Demonstrate mastery of honey badgery: You make ambitious goals. Then execute…no matter what stands in the way. When knocked down, you get up
- Take on challenges willingly and can be trusted to execute: You can be trusted to get things done right the first time quickly. You hit your deadlines
- You’re like us: You smile a lot, think work is fun and don’t take yourself too seriously. You measure yourself against the best and believe feedback is the breakfast of champions. You follow the golden rule
- You’re remarkable: People naturally talk about how awesome you are. If we can’t find someone who raves about you then it’s unlikely we will too
- Growing 25% month on month: We are one of the fastest growing companies in Southeast Asia and have done so for the last two years. We process close to 1b USD annually in payments by providing simple APIs for payments on a modern tech stack
- YCombinator Batch S15: YC is the best incubator in the world, producing Airbnb and Dropbox; 120 companies out of 6,000 applications get in
- Funded by investors behind Facebook, Slack, Kaokao, Path, Twitch, Grab, Tokopedia