2,541 Junior Security Consultant jobs in Indonesia

Job Descriptions:

• Analyze application vulnerabilities and perform malware detection analysis.
• Provide operational support by creating SAM (Security Access Matrix), RD (Release Document), DDCL (Day to Day Check List), SIT (System Integration Testing), UAT (User Acceptance Testing), ARF (Access Routing Firewall), DRP (Disaster Recovery Plan), and other SDLC-related documents.
• Manage project process controls, including overall enhancements and maintenance to ensure implementation in production is in line with existing SDLC standards.
• Operate IT Security applications.
• Manage, configure and troubleshoot Anti-Malware, Intrusion Prevention, Firewall and Log Inspection.

Requirements:

• Minimum Bachelor's Degree in Information Technology/Computer Science/Information Systems/Electrical Engineering, or a related IT field
• Minimum 2 years of experience
• Proficient in Microsoft Office.
• Proficient in Operation Server (Windows and Non-Windows)
• Understanding of Jira and Confluence applications - Able to produce good reports and documentation.
• Understanding of troubleshooting Operation Server (Windows and non-Windows)

About softScheck APAC

softScheck is a fast-growing IT security consultancy firm in APAC. We provide cybersecurity consultancy services across multiple government agencies, Banks, MNCs, and large corporations.

You will belong to and will be working with a group of fun and high-performing team members. As a member of softScheck, you will have the opportunity to work on new and exciting opportunities and develop your career. This position is hybrid-based and has to be located in Malaysia.

The responsibilities as Security Consultant in softScheck:

As a security consultant, your daily job will include but is not limited to:

• Performing penetration tests on computer systems, networks, wireless access points, web / mobile applications, and product appliances.
• Performing source code review (static and dynamic).
• Performing vulnerability assessment and host configuration review for Windows and Linux systems, databases, network equipment, and product appliances.
• Write a comprehensive penetration testing report and support the customer on the finding remediation through email and conference calls.
• Collaborate with the rest of the teams on improvement and problem solving.
• Provide mentoring/coaching for junior consultants.
• Lead/facilitate internal meetings as well as client meetings in support of project delivery.
• Provide support to sales by providing project scoping to potential clients.

Requirements:

• Independent with contributor mindset and committed with a high-performance culture.
• Minimum of 2-3 years' experience in performing penetration testing.
• Good English communication to articulate, explain and support the client on the finding remediation.
• Responsive, humble, responsible, and open-minded.
• Ability to work under pressure and independently for certain peak periods.

Good to have:

• Relevant practical industry certifications such as CPTS, CBBH, eWPT/X, OSCP.
• CTF and bug bounty experiences.
• Other skills that are related to cyber security domain such as forensic, reverse engineering, etc.

Join softScheck

softScheck is committed to building our team with high performing culture that emphasizes servant leadership and continuous improvement which constantly spur one another towards bringing the best version of oneself.

Your personal data will be processed for the purpose of managing softScheck's recruitment related activities, which includes setting up and conducting interviews and tests for applicants, evaluating, and assessing the results and as is otherwise needed in the recruitment and hiring process. Please consult our Privacy Notice ( to know more about how we collect, use, and transfer the personal data of our candidates.

As a CREST-approved vendor and an ISO-certified organization, Crowe is one of the largest professional firms globally, dedicated to utilizing sophisticated tools and approaches to combat cybercrime. We are currently expanding our team and looking for passionate individuals ready to start their career in cyber security.

Job Description

We are seeking an enthusiastic and driven Cyber Security Consultant who is eager to learn and contribute to our cyber security efforts. This entry-level position is perfect for individuals fresh out of university or with up to one year of experience in cyber security, offering a chance to work with advanced technology and seasoned experts in the field.

Key Responsibilities

• Assist in conducting network and web application vulnerability assessments.
• Support in simulating attacks to identify and evaluate potential security breaches.
• Participate in the security review of source codes under the guidance of senior staff.
• Collaborate with team members on various cyber security projects.

Qualifications

Required:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Fresh graduates or candidates with up to one year of experience (internship or full-time roles) in cyber security.
• Basic understanding of cyber security principles and interest in penetration testing.
• Good project and time management skills.
• Strong interpersonal skills and ability to work collaboratively in a team environment.
• Creativity and problem-solving skills.
• Eagerness to learn and a commitment to pursuing a career in cyber security.

Preferred:

• Knowledge of network protocols, programming languages, and security devices.
• Involvement in cyber security clubs or activities during academic tenure is a plus.
• Familiarity with automated tools used in cyber security assessments.

Why Join Us?

At Crowe, you will have the opportunity to grow professionally in a supportive and innovative environment. You will access cutting-edge tools and technologies and be part of a team that is at the forefront of fighting cybercrime.

Company Description

Unmewt (read: un-mute) was born from due to the lack of real care from security expertise in Indonesia. We offer a wide range of cybersecurity services tailored to meet the unique needs and challenges faced by businesses. Built by a group of security minded individuals with multinational experience, we focus on providing actual improvements rather than blank promises.

We're looking for an experienced Security Consultant that can run in multiple avenues of security, not just the typical 'pentest security consultant' you see prevalent in Indonesia - but also knowledge in NIST, compliance, maturity reviews, bash, incident response, gantt charts and so on.

Role Description

As a Senior Security Consultant, you will potentially be conducting a wide range of security projects including but not limited to: maturity assessments, threat modelling, ISO 27001, SOC ramp up, AD review, SOC2 audit, CI/CD reviews etc.

Key Responsibilities

You'll spend majority of your time working as a client facing consultant with the overarching goal of helping them move towards cyber resilience; This may include: finding potential root causes, planning solutions, implementing fixes, or just plain ol' smack em in the head till they realize the problem themselves.

Great to have(s)

• Demonstrate a deep understanding of cyber security and not just technology
• Self starter and curious by design
• Be able to assess, design, architect solutions as well as manage efficient implementation
• Able to communicate findings, recommendation and opportunities of improvement clearly
• Proficient in both Bahasa and English

Nice to have(s)

• Knowledge in typical compliance work (ISO, CSF, PDP, PCI, SOC2)
• Experience in Information Technology or Information Security
• Don't like Indonesia's cybersecurity scene but want to help fix it
• Can explain what both PivotTable and buffer overflow does

About softScheck APAC

softScheck is a fast-growing IT security consultancy firm in APAC. We provide cybersecurity consultancy services across multiple government agencies, Banks, MNCs, and large corporations.

You will belong to and will be working with a group of fun and high-performing team members. As a member of softScheck, you will have the opportunity to work on new and exciting opportunities and develop your career. This position is hybrid-based and has to be located in Singapore or Indonesia.

The responsibilities as OT Security Consultant in softScheck:

As a OT senior security consultant, your daily job will include but is not limited to:

• Leading and delivering OT security assessments including vulnerability assessments and penetration testing on Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) systems, Programmable Logic Controllers (PLCs), and industrial network devices.
• Assessing OT network security by evaluating resiliency, network traffic, identifying vulnerabilities/misconfigurations, and testing access controls and protection layers across systems and external interactions.
• Designing and proposing testing approaches for OT/ICS environments, ensuring all testing activities are conducted safely and securely, without jeopardizing availability, performance, or integrity of critical systems.
• Preparing and delivering executive-level and technical reports, presenting findings to stakeholders, and supporting customers in remediation and risk mitigation.
• Mentoring, coaching, and guiding junior consultants in OT/ICS security testing and methodologies.
• Leading/facilitating internal and external meetings, acting as the main technical point of contact for OT security engagements.
• Providing technical pre-sales support, including scoping OT security projects and advising clients on assessment strategies.
• Contributing to internal R&D efforts to improve OT security methodologies and toolsets.

Requirements:

• Minimum of 5 years' experience in cybersecurity, with at least 3 years hands-on in OT/ICS/SCADA security assessments.
• Relevant industry certifications such as GICSP, GRID, or ISA/IEC 62443.
• Strong English communication to articulate findings and remediation clearly to both technical and non-technical stakeholders.
• Proven experience in leading projects, managing client expectations, and coordinating teams.
• Responsive, humble, responsible, and open-minded, with a collaborative mindset.
• Ability to work under pressure and independently during peak periods.

Join softScheck

softScheck is committed to building our team with high performing culture that emphasizes servant leadership and continuous improvement which constantly spur one another towards bringing the best version of oneself.

Your personal data will be processed for the purpose of managing softScheck's recruitment related activities, which includes setting up and conducting interviews and tests for applicants, evaluating, and assessing the results and as is otherwise needed in the recruitment and hiring process. Please consult our Privacy Notice ( to know more about how we collect, use, and transfer the personal data of our candidates.

#This role is for proficient English speaking candidates#

The Role:

Our Red Team, Offensive Security Consultants work with organisations and technical teams to perform a variety of assessments and provide practical advice to keep them secure. Red team members are generally familiar with and apply themselves to most aspects of cybersecurity but specialize in web application security, code reviews, architecture design, network security, attack simulations or even specialist fields such as mainframe or SCADA systems. They help to ensure cybersecurity issues and identified along with their associated risks, and guide organisations to manage this risk in a practical manner.

You will be:

• Acting as an Engagement Manager or Engagement Lead on projects, as an individual contributor, or leading a team;
• Conducting security assessments for various technology types and environments, with a focus on penetration testing;
• Guiding junior talent to become cybersecurity experts as well;
• Doing project management and developing security test plans around larger complex projects;
• Coordinate with clients and other subject matter experts in different fields, as required in projects; and
• Drive and develop capabilities in specific security areas, (E.g. Secure system architecture design in the cloud).

A suitable candidate would have some or most of the following attributes:

• Demonstrate deep understanding of penetration-testing methodologies, techniques, and remediation of security risks;
• Be able to identify vulnerabilities in web apps/web APIs, and pick up issues in code through manual source code reviews/static code analysis;
• Understand threats in different environments, from cloud, to endpoints or IoT systems. Perform review of hardening controls for such systems; and
• Think on your feet and adapt to new threats and technologies are they develop.

Experience and Certification

• 2 - 4 years of client facing consulting experience.
• Must have: OSCP and CREST CRT
• Nice to have: OSCE or CREST CCT or other specialist certifications
• Some Executive Experience
• Must be able to speak English for our English speaking clients

The Mission:

Protect and enable growth of value creators, through excellence and integrity.

To be the first choice for visionary organisations and talents, and to turn every client into a client for life.

We are passionate about providing opportunities to our team members to be the best version of themselves and building partnerships with our clients to ensure cybersecurity empowers them towards their business goals.

The Team:

Our team is made up of Information Security professionals coming from all types of professional and personal backgrounds - we have a unique, international environment and believe in having fun at work. We offer benefits to help you in your career progression and in addition, we have training and certification opportunities, flexible hours, a great workplace environment, a culture focused on helping you become a balanced consultant while working in a technically strong, diverse team.

About Sekuro Asia

Sekuro Asia is an independent cybersecurity consulting firm and we have been operating for more than 10 years. We have offices located in more than 10 different cities across the globe with a growing presence in Asia.

We offer Cybersecurity services ranging from Offensive Security to Strategy, Governance, Risk and Compliance services, including ISO27001 implementation and adoption of other International Standards for our clients. We are ISO27001 certified, CREST Accredited and a PCI QSA company. We are a registered Services supplier for both the Singapore Government as well as the Australian Government.

At Avanade, cybersecurity consultants are innovators, risk-takers, and challengers of the status quo. If you're an experienced Microsoft Security Consultant, who can help our clients solve complex Cybersecurity business challenges, this might be the perfect opportunity for you.

Come join us
Engage in exciting, complex projects and play a vital role in transforming clients' Cyber Defense strategies. Collaborate with a team of experts, share knowledge, and develop thought leadership. Stay at the forefront of Microsoft Security technology and grow into a leader in Cyber Defense.
Together we do what matters.
Skills And Experiences
Required technical skills:

• 8+ years of experience in cybersecurity with strong expertise in Microsoft Entra & Unified Threat protection (Defender and Sentinel Solutions)

• Microsoft Azure Security Architecture & Engineering:

• Lead the design, architecture, and implementation of secure Azure cloud environments, adhering to Microsoft's Cloud Adoption Framework (CAF) and Azure Well-Architected Framework (WAF) security pillars.

• Deep expertise in Azure network security (Azure Firewall, WAF, NSGs, Azure Private Link, DDoS Protection), data security (Azure Key Vault, Azure Disk Encryption, Azure Storage security), and application security (Azure App Service, Azure Kubernetes Service security).
• Proficiency in implementing and managing Azure Policy, Azure Blueprints, and security baselines to enforce organizational standards and compliance.
• Experience with Azure RBAC, Managed Identities, and Service Principals for secure resource access and automation.

• Implement and optimize secure DevOps practices within Azure environments, integrating security throughout the development lifecycle.

• Microsoft Defender for Cloud (CSPM & CWPP):

• Strategic Deployment & Optimization: Lead the deployment, configuration, and continuous optimization of Microsoft Defender for Cloud across Azure subscriptions, hybrid workloads, and multi-cloud environments (AWS, GCP via Azure Arc).

• Cloud Security Posture Management (CSPM): Drive improvements in Secure Score, manage security recommendations, and ensure compliance with regulatory standards (e.g., ISO 27001, PCI DSS, NIST, HIPAA) using Defender for Cloud's compliance dashboards.
• Cloud Workload Protection Platform (CWPP): Implement and fine-tune Defender plans for various workloads, including:
• Defender for Servers (Azure Arc): Securing Azure VMs and hybrid/multi-cloud servers.
• Defender for SQL: Database protection for Azure SQL and SQL Servers on VMs.
• Defender for Storage: Threat detection for Azure Storage accounts.
• Defender for Key Vault: Protection for cryptographic keys and secrets.
• Defender for App Service: Security for web applications.
• Defender for Containers: Protection for Azure Kubernetes Service (AKS) and container registries.
• Defender for DNS, Azure Cosmos DB, and open-source relational databases.

• Advanced Threat Protection: Configure and monitor advanced threat detection capabilities, just-in-time VM access, and adaptive network hardening within Defender for Cloud.

• Vulnerability Management: Utilize Defender for Cloud's integrated vulnerability assessment tools and recommendations to identify, prioritize, and remediate cloud-based vulnerabilities.

Qualifications

• 8+ years of progressive experience in IT and cybersecurity, with a significant portion dedicated to cloud security (specifically Azure) and security operations, including at least 4-5 years in a leadership, management, or client-facing consulting role.
• Extensive hands-on expertise with Microsoft Azure Security services and Microsoft Defender for Cloud is mandatory.
• Proven track record of successfully designing, implementing, and managing complex cloud security solutions in diverse enterprise environments.
• Highly desirable certifications: Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Cybersecurity Architect Expert, CISSP, CISM, CCSP.
• Strong understanding of broader cybersecurity domains, network security, and hybrid/multi-cloud security architectures.
• Exceptional written and verbal communication skills, with a proven ability to articulate complex technical and business concepts clearly and persuasively to all levels of an organization.
• Demonstrated ability to lead, motivate, and develop a high-performing team in a consulting or advisory capacity.
• Strong organizational skills and ability to manage multiple concurrent projects and priorities in a dynamic, fast-paced environment.
• Good to have Microsoft Security certifications e.g. SC100, AZ500, AZ-305.

About You
Characteristics that can spell success for this role:

• Seen as a role model and acts as a leader.
• Consultative, collaborative, relationship builder.
• Problem-solver, patient, quality-driven
• Talented in designing and implementing technology solutions.
• You take full accountability to lead and manage projects, providing operational leadership for work efforts requiring significant coordination.
• You create and implement work plans for assigned projects, programs, and clients against established operational objectives.

What You'll Do

• Technical Leadership: Lead pre-sales activities, including technical presentations, demonstrations, and proof-of-concept engagements to showcase the value of Microsoft Security solutions.
• Solution Design: Collaborate with sales teams and customers to understand their security needs and design tailored solutions that address their challenges.
• Customer Engagement: Build strong relationships with customers, acting as a trusted advisor and providing expert guidance on security best practices and Microsoft solutions.
• Cross-Functional Collaboration: Work closely with internal teams in the Sales organization, including Client Solutions, to support the go-to-market strategy and drive successful customer outcomes.
• Market Insights: Stay updated on industry trends, competitive landscape, and emerging security threats to provide strategic insights and inform solution development.
• Stakeholder Management: Collaborate with key stakeholders, including Microsoft sales specialist and executive teams, to support business objectives and drive joint growth.

Learn more
To Learn More About Avanade Check Out These Links
LinkedIn

Inside Avanade Blog

Avanade Careers

Enjoy your career
Some of the best things about working at Avanade

• Opportunity to work for Microsoft's Global Alliance Partner of the Year, with exceptional development and training (minimum 80 hours per year for training and paid certifications)
• Real-time access to technical and skilled resources globally
• Dedicated career advisor to encourage your growth
• Engaged and helpful coworkers genuinely interested in you

Find out more about some of our benefits Employee Benefits at Avanade | Avanade

A great place to work
As you bring your skills and abilities to Avanade, you'll get distinctive experiences, limitless learning, and ambitious growth in return. As we continue to build our diverse and inclusive culture, we become even more innovative and creative, helping us better serve our clients and communities. You'll join a community of smart, supportive collaborators to lift, mentor, and guide you, and to lean on your expertise. You get a company purpose-built for business-critical, leading-edge technology solutions, committed to improving the way humans work, interact, and live. It's all here, so take a closer look

We work hard to provide an inclusive, diverse culture with a deep sense of belonging for all our employees. Visit our Inclusion & Diversity page.

Create a future for our people that focuses on

• Expanding your thinking
• Experimenting courageously
• Learning and pivoting

Inspire greatness in our people by

• Empowering every voice
• Encouraging boldness
• Celebrating progress

Accelerate the impact of our people by

• Amazing the client
• Prioritizing what matters
• Acting as one

• Conduct comprehensive security risk assessments and vulnerability analyses for clients.
• Develop and implement robust information security strategies and policies.
• Advise clients on compliance requirements (e.g., GDPR, ISO 27001).
• Design and recommend security architectures and controls for on-premises and cloud environments.
• Assist clients in developing and refining their incident response plans.
• Provide guidance on data privacy and protection measures.
• Perform penetration testing and security audits.
• Develop security awareness training programs for client staff.
• Stay abreast of the latest cybersecurity threats, trends, and technologies.
• Collaborate with clients to implement security solutions and best practices.
• Prepare and present detailed security assessment reports and recommendations.
• Manage client engagements and ensure timely delivery of projects.
• Contribute to the development of the firm's cybersecurity service offerings.
• Mentor junior security consultants and share expertise.
• Act as a trusted advisor to clients on all security-related matters.

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Minimum of 8 years of experience in IT security, with a focus on consulting or advisory roles.
• Proven expertise in various security domains, including network security, endpoint security, cloud security (AWS, Azure, GCP), and application security.
• Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001, SOC 2).
• Experience with risk assessment methodologies and penetration testing tools.
• Excellent understanding of data privacy regulations.
• Demonstrated ability to manage client relationships and lead security projects.
• Exceptional analytical, problem-solving, and communication skills.
• Relevant security certifications such as CISSP, CISM, CISA, or GIAC are highly desirable.
• Ability to work independently and collaboratively in a fully remote environment.

Job Description:

• Drive / conduct general security assessment for business stream, internal system tooling (ERP, low code development tools), external integration (API integration, system to system integration etc)
• Development of digital forensics mechanism & tooling (focus in data trailing, transaction audit trail, SIEM, alerting) in collaboration with cyber security team
• Creating comprehensive report, stakeholder communication & ensuring the remediation process related to security vulnerabilities completely remediated
• Maintaining Business Stream documentation updated in relevant to cyber, information security & fraud risks
• Managed & ensuring Information Security Awareness Program executed with good deliverables (both workshop session & regular awareness campaign)
• Maintain & develop information security related SOP's / Policies to ensure our security posture meet their key results
• Managed & development of the ISO 27001 program (Retaining certification & culture maturity fit)
• Drive strategy & Organization development for Information Security Governance team to help CIS department in achieving their goals
• Assisting / Be a project manager to all CIS department main projects (Decided depends on criticality of the project / directly delegated by CIS's HOD)

Job Requirements:

• Bachelor's degree in any fields, preferably technology / finance related
• Minimum 4 years of experience in Anti Fraud / Cyber Fraud /Management Information System / Data Analyst / Data Science / Business Operation / System Analyst / Security Analyst / SOC analyst / Information Security Governance / IT Governance Risk & Compliance
• Skill in SQL & Data query technologies (Preferred)
• Understanding the principles of Information security, Anti Bribery, Corruption, Fraud activities
• Excellent analytical & problem solving skills
• Strong attention to detail and ability to work under tight deadlines
• Strong or minimum have basic business acumen
• Effective communication and interpersonal skills to collaborate with cross-functional teams.
• Strong knowledge in Role Based Access Control & Audit Trail mechanism
• Strong knowledge in Information Security Compliance (ISO 27001 / UU PDP / ISO 27001 / SOC2 etc)
• Understand / solid knowledge / hands-on in various Cyber Security tooling & data security standards (API security, Threat intelligence tools, DLP technologies, SIEM, Burpsuite, kali linux)

Evermos is committed to providing an inclusive environment where equal opportunities are available to all applicants regardless of race, color, religion, gender, national origin, disability, age, genetic information, marital status, pregnancy, or related condition. We will not tolerate discrimination or harassment based on any of these characteristics.

We also emphasize the importance of diversity in all aspects of employment including recruitment, hiring, promotions, training, and organization operations.