DevSecOps (Contract Based)

About Us

INDICO is a digital technology subsidiary company of Telkomsel, Indonesia's leading digital telecom company. INDICO plays a strategic role as a holding company that houses current and prospective vertical digital business portfolios, including Kuncie (edu-tech), Fita (health-tech), and Majamojo (game). Moving forward, INDICO aims to explore opportunities in multiple verticals adjacent to Telkomsel's digital businesses. Our goal is to leverage Telkomsel's digital assets to develop innovative cross-sectoral digital solutions, empowering Indonesia's digital economy.

Key Responsibilities:

Infrastructure & Cloud Management 

• Collaborate in designing, implementing, and maintaining secure, scalable, and cost-efficient AWS infrastructure using services such as EC2, S3, Lambda, RDS, DynamoDB, and VPC 

• Develop and maintain Infrastructure as Code (IaC) using Terraform and Terragrunt for consistent and repeatable deployments 
• Assist in monitoring and optimizing AWS resource usage to ensure cost efficiency while maintaining performance standards 
• Support implementation of AWS security best practices, including IAM policies, Secrets Manager, Security Hub, WAF, and GuardDuty, while learning compliance requirements with industry standards 

DevSecOps & CI/CD Pipeline Management 

• Build and maintain GitLab CI/CD pipelines for automated testing, building, and deployment processes 
• Integrate security controls into the DevOps lifecycle by working with tools like SonarQube, Checkmarx, or Snyk for static application security testing (SAST) and dependency scanning 
• Learn and implement DAST (Dynamic Application Security Testing) tools and processes to identify runtime vulnerabilities 
• Use SonarQube to support coding standards enforcement, identify vulnerabilities, and contribute to high-quality code practices across development teams 

 Container Orchestration & Management

• Manage containerized applications using Docker and work with orchestration platforms including Kubernetes (EKS), Amazon ECS, or Fargate 
• Learn and apply container security best practices and vulnerability scanning for Docker images 
• Contribute to designing and maintaining scalable microservices architectures using container technologies 

Monitoring & Observability 

• Set up and manage monitoring tools such as AWS CloudWatch, Prometheus, Grafana, Opentelemetry, and ELK Stack for insights into system performance, availability, and security 
• Create dashboards and alerting mechanisms for proactive incident response 
• Support logging strategies and centralized log management for security and compliance requirements 

Collaboration & Continuous Learning 

• Contribute to disaster recovery (DR) planning and backup strategies to ensure business continuity and data integrity 

• Work closely with development, operations, and security teams to ensure seamless integration and delivery of solutions 

• Continuously learn and stay updated with DevSecOps best practices and emerging technologies 

Requirements

Education 

• Bachelor's degree in Computer Science, Information Technology, Engineering, or related field 
• Equivalent professional experience and demonstrated skills will be considered 
• Continuous learning mindset and willingness to pursue additional certifications 

Technical Expertise 

• 3+ years of experience with AWS cloud services and basic architecture principles 

• 2+ years of experience with Terraform and Terragrunt or willingness to learn infrastructure automation quickly 

• Good understanding of Docker containerization and Kubernetes fundamentals 

• Experience with GitLab CI/CD or similar CI/CD tools and pipeline development 

• Basic knowledge of SAST and DAST security testing concepts with eagerness to deepen expertise 

• Familiarity with Grafana and AWS CloudWatch for monitoring and alerting 

Security & Compliance 

• Understanding of cloud security principles and AWS security services 
• Some exposure to security scanning tools (SonarQube, Checkmarx, Snyk, etc.) 
• Basic knowledge of compliance frameworks and security best practices 
• Interest in learning threat modeling and risk assessment methodologies  

Development & Scripting 

• Proficiency in at least one scripting language (Python, Bash, PowerShell) 
• Strong experience with version control systems (Git) and collaborative development workflows 
• Good understanding of software development lifecycle and agile methodologies  

Soft Skills 

• Strong problem-solving mindset and willingness to learn 
• Good communication and collaboration abilities 
• Ability to work effectively in team environments 
• Strong desire for continuous learning and professional growth 

Preferred Qualifications 

• AWS certifications (Cloud Practitioner, Solutions Architect Associate, or willingness to pursue) 
• Experience with additional monitoring tools (Prometheus, ELK Stack, DataDog) 
• Interest in serverless architectures and AWS Lambda and ECS. 
• Basic understanding of database concepts and optimization 
• Experience with version control branching strategies and code review processes 
• Previous exposure to multi-cloud or hybrid cloud environments