4,259 IT Security jobs in Indonesia

Job Description

• Analyst would be part of 24x7 Cyber Security Operations function to perform security monitoring and incident response, data loss prevention, vulnerability management.
• Perform monitoring, research, assessment and analysis on alerts from various security tools, including IDPS tools, SIEM, Anomaly detection systems, firewalls, antivirus systems, user behavior analytics tools, endpoint inspection, and proxy devices.
• Follow pre-defined actions to investigate possible security incidents or perform incident response actions, including escalating to other support groups.
• Ensure proper functioning of systems in the Security Operations Centre.
• Enhance and Build Cyber threat detection use cases and assist in analyzing & reducing false positive.
• Support the development and enhancement of SOC incident response capabilities.
• Respond to inbound Change Requests (CRs), Service Requests (SRs), Queries for handling Incident Management.
• Execute daily ad hoc tasks or lead projects as needed.

Requirement

• Minimum 1 years of working experience in IT environment.
• Diploma/Degree in Information System/Information Security from a recognized institution. Strong knowledge on TCP/IP, Networking, Operating Systems and Cyber Security Concepts.
• Strong level of experience with and understanding of firewalls, Antivirus and endpoint detection.
• Good working knowledge of Linux including the ability to run command lines, editing files and scripting.
• Knowledge of commonly-accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information.
• Solid understanding of threats reported by various data sources such as IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
• Excellent communication skills.
• Experience in Scripting with Python, Bash or PowerShell is an advantage.
• Willing to work with 24x7 shift pattern that includes weekend work and also extend shift hours if required.
• Willingness to be on standby for maintaining 24x7 SOC shifts.
• Hold one or more tech certification (e.g. MCP, MSCE, CCNA Security, CEH, Security+, CSA )

1. Perform continuous security monitoring in a 24/7/365 shift rotation.

1. Analyze and triage information security aerts from various monitoring tools.

2. Identify, investigate and escalate high priority information security incident.

4. Prepare and deliver regular SOC reports.

5. Provide first-level incident response and remediation support.

1. Conduct scheduled Vulnerability Management activities.

7. Recommend improvements for detection rule fine-tuning to minimize false positives.

8. Research and stay up to date on the latest cybersecurity threats, trends, and attack techniques.

1. First level support for customer related to information security incidents.

Qualifications

1. Passion for cybersecurity and continuous learning.

1. Effective communication skills for coordination with team members and supervisors.

2. Basic knowledge of Operating System (Windows and Linux).

3. Basic knowledge of Networking (OSI Layer, TCP/IP, Routing).

4. Basic knowledge of IT Security (Malware, Hacking, Social Engineering, Penetration Test, Hardening, Threat Intelligence).

6. Familiarity with security monitoring tools (SIEM, EDR, IDS/IPS, Firewall, WAF, ect).

1. Have information security certification (CompTIA Security+, ISC2 CC, CEH, ect) is a plus.

2. Have scripting skills (Python, Bash, PowerShell) for automation and analysis is a plus.

• Monitor network security infrastructure, including firewalls, IDS/IPS, VPNs, and SIEM systems, for suspicious activity.
• Analyze security alerts and logs to identify and investigate potential security breaches and incidents.
• Respond to security incidents, conducting root cause analysis and implementing containment and eradication strategies.
• Develop and maintain network security policies, procedures, and guidelines.
• Configure and manage network security devices and technologies.
• Conduct vulnerability assessments and penetration testing to identify weaknesses in the network.
• Collaborate with IT teams to implement security controls and best practices across the network.
• Stay up-to-date with the latest security threats, vulnerabilities, and countermeasures.
• Prepare regular reports on security status, incidents, and recommendations for improvement.
• Provide security awareness training to employees as needed.

• Bachelor's degree in Information Security, Computer Science, IT, or a related field.
• Minimum of 3 years of experience in information security, with a strong focus on network security.
• Hands-on experience with firewalls (e.g., Palo Alto, Cisco ASA), IDS/IPS, and SIEM solutions (e.g., Splunk, QRadar).
• Knowledge of network protocols (TCP/IP, DNS, HTTP/S) and common network attack vectors.
• Experience with vulnerability scanning tools (e.g., Nessus, OpenVAS) and penetration testing methodologies.
• Understanding of security frameworks and best practices (e.g., ISO 27001, NIST).
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences.
• Relevant security certifications such as CompTIA Security+, CCNA Security, or CISSP are a plus.

• Monitor network activity for security breaches, suspicious activities, and potential vulnerabilities using various security tools (e.g., SIEM, IDS/IPS).
• Analyze security alerts and logs to identify and investigate security incidents.
• Implement and maintain security measures, including firewalls, VPNs, intrusion detection/prevention systems, and endpoint security solutions.
• Develop and execute incident response plans to mitigate the impact of security breaches.
• Conduct regular vulnerability assessments and penetration testing on network infrastructure.
• Recommend and implement security enhancements to protect against evolving threats.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT operations teams to ensure security is integrated into all network infrastructure.
• Develop and maintain security documentation, policies, and procedures.
• Provide technical guidance and support to other IT staff on security matters.
• Perform security audits and ensure compliance with relevant regulations and standards.
• Participate in security awareness training for employees.
• Evaluate and recommend new security technologies and tools.
• Assist in the development and testing of disaster recovery and business continuity plans.
• Respond to forensic investigations related to security incidents.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3-5 years of experience in network security, cybersecurity analysis, or a similar role.
• Strong knowledge of network protocols (TCP/IP, DNS, HTTP), network architecture, and security principles.
• Experience with security tools such as SIEM (e.g., Splunk, ELK), IDS/IPS, firewalls, and endpoint protection.
• Familiarity with vulnerability scanning and penetration testing methodologies.
• Excellent analytical and problem-solving skills.
• Ability to work independently and manage time effectively in a fully remote environment.
• Strong written and verbal communication skills.
• Relevant security certifications such as CompTIA Security+, CEH, CISSP are a plus.
• Experience with cloud security concepts (AWS, Azure, GCP) is beneficial.
• Understanding of threat intelligence and incident response procedures.
• Ability to multitask and prioritize tasks in a fast-paced environment.
• Proactive approach to identifying and mitigating security risks.
• This role is crucial for maintaining the security of our extensive network infrastructure, particularly for our operations in the Bandar Lampung, Lampung, ID region.

• Implement, configure, and maintain security controls and technologies in cloud environments (AWS, Azure, GCP).
• Monitor cloud infrastructure for security threats, vulnerabilities, and anomalies using SIEM and other security tools.
• Respond to security incidents, including investigation, containment, eradication, and recovery.
• Conduct regular vulnerability assessments and penetration testing of cloud services.
• Develop and enforce cloud security policies, standards, and procedures.
• Collaborate with development and operations teams to ensure secure cloud architecture and deployments (DevSecOps).
• Manage identity and access management (IAM) for cloud resources.
• Stay up-to-date with the latest cloud security threats, trends, and best practices.
• Participate in security audits and compliance activities.
• Contribute to the continuous improvement of the company's overall information security posture.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 3+ years of experience in information security, with a strong focus on cloud security.
• Hands-on experience securing cloud platforms such as AWS, Azure, or Google Cloud.
• Proficiency with cloud security tools and services (e.g., AWS Security Hub, Azure Security Center, GuardDuty, WAF).
• Experience with SIEM solutions (e.g., Splunk, QRadar) and incident response procedures.
• Understanding of networking protocols, firewalls, IDS/IPS, and encryption technologies.
• Familiarity with security frameworks like NIST, ISO 27001.
• Relevant security certifications (e.g., CISSP, CCSP, cloud provider security certifications) are highly desirable.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration skills for a remote work environment.

• Implement and manage security controls for cloud environments (AWS, Azure, GCP).
• Conduct vulnerability assessments, penetration testing, and security audits.
• Develop and enforce cloud security policies, standards, and procedures.
• Monitor security alerts and respond to incidents in a timely manner.
• Manage identity and access management (IAM) within cloud platforms.
• Ensure compliance with relevant data protection and security regulations.
• Collaborate with development and operations teams to embed security throughout the SDLC.
• Stay current with emerging cloud security threats and technologies.

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• 3-5 years of experience in information security, with a focus on cloud security.
• Hands-on experience with security configurations in AWS, Azure, or GCP.
• Proficiency in security assessment tools and methodologies.
• Strong understanding of network security principles, IAM, and data encryption.
• Knowledge of security compliance frameworks and regulations.
• Excellent analytical, problem-solving, and incident response skills.
• Strong written and verbal communication skills.
• Relevant security certifications (e.g., CCSP, CISSP, AWS Security Specialty) are a plus.