2,296 Iam Analyst jobs in Indonesia

Responsibilities:

1. Perform continuous security monitoring in a 24/7/365 shift rotation.

1. Analyze and triage information security aerts from various monitoring tools.

2. Identify, investigate and escalate high priority information security incident.

4. Prepare and deliver regular SOC reports.

5. Provide first-level incident response and remediation support.

1. Conduct scheduled Vulnerability Management activities.

7. Recommend improvements for detection rule fine-tuning to minimize false positives.

8. Research and stay up to date on the latest cybersecurity threats, trends, and attack techniques.

1. First level support for customer related to information security incidents.

Qualifications

1. Passion for cybersecurity and continuous learning.

1. Effective communication skills for coordination with team members and supervisors.

2. Basic knowledge of Operating System (Windows and Linux).

3. Basic knowledge of Networking (OSI Layer, TCP/IP, Routing).

4. Basic knowledge of IT Security (Malware, Hacking, Social Engineering, Penetration Test, Hardening, Threat Intelligence).

6. Familiarity with security monitoring tools (SIEM, EDR, IDS/IPS, Firewall, WAF, ect).

1. Have information security certification (CompTIA Security+, ISC2 CC, CEH, ect) is a plus.

2. Have scripting skills (Python, Bash, PowerShell) for automation and analysis is a plus.

Job Description

• Analyst would be part of 24x7 Cyber Security Operations function to perform security monitoring and incident response, data loss prevention, vulnerability management.
• Perform monitoring, research, assessment and analysis on alerts from various security tools, including IDPS tools, SIEM, Anomaly detection systems, firewalls, antivirus systems, user behavior analytics tools, endpoint inspection, and proxy devices.
• Follow pre-defined actions to investigate possible security incidents or perform incident response actions, including escalating to other support groups.
• Ensure proper functioning of systems in the Security Operations Centre.
• Enhance and Build Cyber threat detection use cases and assist in analyzing & reducing false positive.
• Support the development and enhancement of SOC incident response capabilities.
• Respond to inbound Change Requests (CRs), Service Requests (SRs), Queries for handling Incident Management.
• Execute daily ad hoc tasks or lead projects as needed.

Requirement

• Minimum 1 years of working experience in IT environment.
• Diploma/Degree in Information System/Information Security from a recognized institution. Strong knowledge on TCP/IP, Networking, Operating Systems and Cyber Security Concepts.
• Strong level of experience with and understanding of firewalls, Antivirus and endpoint detection.
• Good working knowledge of Linux including the ability to run command lines, editing files and scripting.
• Knowledge of commonly-accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information.
• Solid understanding of threats reported by various data sources such as IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
• Excellent communication skills.
• Experience in Scripting with Python, Bash or PowerShell is an advantage.
• Willing to work with 24x7 shift pattern that includes weekend work and also extend shift hours if required.
• Willingness to be on standby for maintaining 24x7 SOC shifts.
• Hold one or more tech certification (e.g. MCP, MSCE, CCNA Security, CEH, Security+, CSA )

Responsibilities

• Conduct thorough analyses or investigations of incidents and escalate security activities as needed, responding appropriately to mitigate risks.
• Support various security operations, including vulnerability assessments, threat assessments, and threat hunting, while contributing insights toward implementing effective security strategies.

Qualifications

• Intermediate knowledge of Information Security
• Basic Networking/Network Engineering
• Intermediate knowledge of Linux & Windows Operating Systems
• Familiarity with the NIST CyberSecurity Framework and MITRE ATT&CK framework
• Preferred certifications: CEH, CySA+, Security+, CHFI, or equivalent
• Preferred familiarity with enterprise security devices (EDR, Firewall, WAF)
• Preferred familiarity with the Java environment
• Preferred coding/scripting ability in any language
• Work Location: Jakarta & Sentul.

Security Analyst – Managed Detection and Response

Our mission at Bitdefender is to reduce risk to customers' business to allow them to achieve their objectives. We are focused on delivering real security value for an affordable price – no snake oil. To help in this mission, we are looking for a
Security Analyst
. You will work in a tight knit, experienced team backed up by an international organization that's been in business for 18 years.

About US

The Managed Detection & Response service is a new line of business (think division, business unit, etc). We are an experienced team having built successful Managed Security offerings in the past and staffed by a multitude of cybersecurity organizations and veteran cyber-warfare operators from the military and intelligence services. We all got into this business to provide security services that make customers safer. We must make some money to do that, but our primary goal is to provide services that secure, not just ones that sell.

Our team has been around the block together and operate in a 24x7 environment where we manage emergency situations for customers. For this to work, we must trust each other. As a leadership team, we focus on building that trust through accountability, processes and personal relationships. We have plenty of experienced team members with and without families and understand that not all teams can be built outside of work, but we focus on teamwork to build authentic and meaningful engagement

About the Role

• This is a full-time position in a 24/7 operation with a 12-hour shift Panama schedule. Scheduled rotations for night and weekend shifts will be required.
• Under limited supervision, the Security Analyst performs real-time monitoring and analysis of security events from multiple sources.
• Triage security events to determine priority and severity
• Use indicators of compromise from current intelligence information to proactively review customers environments searching for suspicious behavior across network, host and logs data
• Assist in the development of analytic signatures to identify suspicious and malicious behaviors

About You

• Be able to demonstrate understanding of the following
• Cybersecurity principles
• Cyber threats and vulnerabilities
• Current incident response methodologies
• Current cyber investigative techniques
• Current cyber threat trends
• Computer networking concepts and protocols, and network security methodologies
• Knowledge of basic physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, NICs, HDDs)
• Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs) to identify possible threats to network security
• Basic system administration, network, and operating system hardening techniques
• Identifying, modifying, and manipulating applicable system components within Windows, Unix, or Linux (e.g., passwords, user accounts, files)
• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings)
• Defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness)
• Virtualization and cloud computing
• Knowledge of which system files (e.g., log files, registry files, configuration files) contain relevant information and where to find those system files
• Hacking methodologies
• Networking protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications
• Knowledge of encryption algorithms (e.g., Internet Protocol Security (IPSEC), Advanced Encryption Standard (AES), Generic Routing Encapsulation (GRE), Internet Key Exchange (IKE), Message Digest Algorithm (MD5), Secure Hash Algorithm (SHA)) and how they are used
• How to perform packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump)
• Security Information and Event Management (SIEM) tools - Searching, aggregating, and correlating data
• Web Application Firewall (WAF)
• Regular Expressions (Regex)

Ensign is hiring

Duties and Responsibilities:

• Understand the security event triage process and SOC tools involved in the process
• Triage security events under the supervision of a senior security analyst
• Understand the basics of Threat Detection and Threat Hunting
• Support Use Case management process and Threat Hunting activities under the supervision of SIEM Engineer and Senior security analyst
• Participate in SOC continuous service improvement process

Requirements:

• Internship should be at least 3 months.
• Good understanding of cybersecurity fundamentals
• Willing to learn on the job

Job Description :

• Security monitoring in systems and network
• Analyzing security problems/breaches, identifying abnormalities in systems and networks with related tools
• Follow up information security alerts in accordance with an incident response procedure
• Conduct periodic security audits/reviews and provide reports on security violations
• Maintain solid security incident documentation

Job Qualifications :

• Have a strong interest in technology or IT field, especially in Cyber Security
• Experience as a Threat Hunting & Detection Engineer
• Experience with security standards in microservices, cloud, and virtual machine environments.
• On-call availability on weekends and national holidays.
• Must have at least one certification (ECIH, BTL 2, CIHE, CHFI, CySA+, CPENT)
• Experienced with SIEM and/or certified in this field (CEH, CND, CCNA Security, Security+, etc.)
• Humble personality but eager and have strong desire for success
• Good communication, strong problem solving, and analytical abilities

Requirement :

• CEH/CHFI/ECSA/ECIH
  certificate is a must, and other relevant Information security certificates are preferred
• Have degree holder in Information Technology related field
• At least two
  (2) years
  of working experience in IT Security
• Willing to learn new security technologies
• Proficient in Incident Management and Response
• Experience in security device management and SIEM
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Experience in threat management
• Proficient in preparation of reports, dashboards and documentation
• Good Analytical skills, Problem solving and Interpersonal skills
• Able to communicate with English in both written and oral forms
• Positive attitude, fast learning and can work as team
• Able to work under challenging environment and extended hours

Job Descriptions:

• Responsible for security event monitoring, management and response
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
• Ensure compliance to SLA
• Responsible for integration of standard and non-standard logs in SIEM
• Creation of reports, dashboards, metrics for SOC operations and presentation

Requirements:

• Minimum S1
• Have knowledge about SIEM will be added advantage.
• Familiar with IBM Security tools, forensic investigation, cybersecurity, ethical hacking, network security, etc.
• Familiar with and have done log monitoring, management, and reporting.
• Can handle pressure at work especially with higher management.
• Having a high interest in IT Security and a fast learner.
• Willing to work in shift.

Kualifikasi :

1. Pendidikan minimal D3/setara atau jika tidak D3/setara minimal memiliki Sertifikasi ECIH/CHFI
2. Memiliki minimal sertifikasi tentang Security Operator, Pentration Tester, dan/atau Vulnerability Assessment Analyst (misal. CEH, CIHE, dan sejenisnya)
3. Memiliki pengalaman dalam bidang Incident Response , SOC atau bidang Keamanan Siber minimal 2 tahun

Deskripsi Pekerjaan:

1. Membuat perencanaan program penanganan insiden, eskalasi insiden, dan improvement    berdasarkan masukan dari tim SOC, tim Security Engineer, dan dari tim terkait lainnya

2. Mengidentifikasi serangan-serangan terhadap kontrol akses

3. Mendeteksi kerentanan (vulnerability) keamanan dan potensi pelanggaran

4. Melakukan analisa trend postur keamanan siber

5. Melakukan koordinasi penanganan insiden dan manajemen krisis baik kepada pihak internal khususnya L1 maupun eksternal di Perusahaan

6. Melakukan eskalasi insiden sesuai dengan tingkat prioritas penanganan untuk berkoordinasi dengan klien maupun pada level internal L3 maupun fungsi yang terkait.

7. Memberikan arahan mengenai solusi masalah keamanan siber yang teridentifikasi

8. Menyusun laporan insiden rinci dan ringkasan teknis serta mempresentasikan atau mengkomunikasikan kepada manajemen, administrator, end-user / klien dengan entitas analisis ancaman cyber lainnya

9. Membuat use case dan mengintegrasikannya ke dalam SIEM dengan berkolaborasi bersama Infrastructure Engineer

10. Bertanggung jawab atas daily operasional di klien dan meeting rutin

11. Membuat closing report atas insident yang telah selesai dan berkoordinasi dengan klien

12. Menjaga kualitas layanan dan kepuasan klien dengan cara menjaga komunikasi dengan klien, L1, PMO, dan pihak lain yang berkepentingan

13. Melaksanakan program dan mengelola bahan/media peningkatan kepedulian dan pelatihan terkait keamanan cyber

14. Melakukan analisis IT Security Risk Assessment terhadap produk dan jasa dalam kaitannya dengan kepatuhan terhadap regulasi keamanan siber