4,288 Security Intern jobs in Indonesia

• Implement, configure, monitor, and troubleshoot security solutions: SIEM, EDR/XDR, antivirus, email security (SPF/DKIM/DMARC), DLP, firewall/WAF/IDS/IPS.
• Develop SIEM/EDR detection rules (SPL/KQL/Sigma), log normalization, false positive tuning, and mapping to MITRE ATT&CK.
• Perform SOC operations: alert triage, full-cycle incident response (containment, eradication, recovery), and evidence handling.
• Conduct vulnerability management: scanning, risk prioritization (CVSS/EPSS), remediation coordination, SLA reporting.
• Strengthen identity and endpoint security: AD/Azure AD, MFA, Windows/Linux hardening, network segmentation, VPN.
• Manage log pipelines from on-prem and cloud to SIEM; ensure data integrity and coverage.
• Automate incident response using SOAR or scripting (Python/PowerShell/Bash).
• Develop and maintain security documentation, runbooks, playbooks, and tabletop exercises (ISO 27001 compliance).

• Bachelor's degree in Computer Science, IT, or related field.
• 2+ years of experience in SOC, Security Operations, or Incident Response.
• Expertise in SIEM content creation and EDR/XDR operations.
• Strong knowledge of threat detection, malware analysis, phishing defense, and ransomware response.
• Experienced in vulnerability scanning, patch management, and secure configurations.
• Proficient in Windows/Linux OS security, TCP/IP, DNS, routing, WAF/IDS/IPS concepts.
• Skilled in identity security (AD/Azure AD, least privilege, lateral movement detection).
• Scripting and automation proficiency in Python, PowerShell, or Bash.
• Strong analytical, communication, and teamwork skills; willing to work on-call rotations.

About Protergo Cyber-Security

We are Indonesia's leading cyber-security company, specializing in both Blue Team (Defense) and Red Team (Attack) services. Founded by an experienced team of cyber-security experts and fully incorporated in Indonesia, we have an in-depth understanding of the nation's cyber-security landscape.

Job Description

• Security monitoring in systems and network
• Analyzing security problems/breaches, identifying abnormalities in systems and networks with related tools
• Follow up information security alerts in accordance with an incident response procedure
• Conduct periodic security audits/reviews and provide reports on security violations
• Maintain solid security incident documentation

Qualifications

• Have a strong interest in technology or IT field, especially in Cyber Security
• Experienced is a plus, but fresh graduates are most welcome to apply
• Have a strong fundamental regarding the core activities of security operations
• Have a strong fundamental concept of OSI Layer
• Experienced with SIEM and/or certified in this field (CEH, ECIH, CHFI, etc.) would be a plus
• Humble personality but eager and have strong desire for success
• Good communication, strong problem solving, and analytical abilities

Protect the organization by managing access, identifying issues, improving security, and performing hands-on security assessments.

Job Requirements

Diploma or Bachelor's Degree in Computer, Informatics or related fields.

At least 3 months - 1 years of experience in a IT Security or related field.

Knowledge of IT security principles, practices, and problem-solving.

Experience in security system monitoring and response (SIEM).

Comfortable working in shifting schedules for SOC L1.

Employment will be on a project based.

Preferably can join immediately (ASAP) and willing to be placed at ASYST Office (Soekarno-Hatta Airport Area).

IT Security Operations

Job Descriptions:

1. Monitoring and maintaining computer system (tools monitoring such as ELA, Managed Engine) to analyse anomaly detection
2. Good understanding in vulnerability and able to operate system security tools (Pentest)
3. Involved in evaluating, solving problems and evaluating IT Security

Job Requirements:

1. Male/Female

2. Minimal Bachelor degree in Information Technology or equivalents experience

3. Minimal 1 years working experience as IT Security Operations

4. Experience in Monitoring System Analyst (security tools)

5. Experience in Network Security

6. Good time management

7. Can elaborate in Individual or Team

Duties and Responsibilities

1. Security Monitoring & Threat Detection:

• Continuously monitor security alerts and events from our Security Information and Event Management (SIEM) using tools Wazuh, Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), and other security tools.
• Perform real-time analysis of security alerts to differentiate between false positives and actual security incidents.
• Proactively conduct threat hunting to identify undetected threats and suspicious activities within the network and systems.
• Stay updated with the latest threat intelligence feeds, malware trends, and attacker techniques to enhance detection capabilities.

2. Incident Response & Management:

• Act as a first responder for security incidents, executing a defined incident response plan.
• Lead or participate in the end-to-end incident response lifecycle: identification, containment, eradication, and recovery.
• Conduct thorough investigations and root cause analysis (RCA) for security incidents to prevent recurrence.
• Create detailed post-incident reports for technical teams and management.

3. Vulnerability & Threat Management:

• Perform regular vulnerability scans across networks, servers, and applications.
• Analyze scan results, prioritize vulnerabilities based on risk and business impact, and track them to remediation.
• Collaborate with IT and development teams to ensure timely patching and mitigation of identified vulnerabilities.
• Manage and configure vulnerability assessment tools.

4. Security Engineering & Automation:

• Administer, maintain, and fine-tune security platforms and tools (e.g., SIEM, SOAR, EDR, Firewalls) to ensure optimal performance.
• Develop and maintain security automation playbooks using SOAR (Security Orchestration, Automation, and Response) to streamline security operations.
• Create and implement custom detection rules and logic to improve threat identification.
• Assist in the evaluation, implementation, and deployment of new security technologies.

5. Reporting, Documentation & Collaboration:

• Develop and maintain clear and concise documentation for security procedures, standards, and incident response playbooks.
• Generate regular reports on key security metrics, incident trends, and the overall security posture for stakeholders.
• Communicate security findings and recommendations effectively to both technical and non-technical audiences.
• Collaborate closely with the IT infrastructure, networking, and development teams to embed security into their operations.

Minimum Qualifications

• A minimum of
  2 years
  of hands-on experience in a cybersecurity role, such as a Security Operations Center (SOC) Analyst or a similar defensive security position.
• Bachelor's degree in Computer Science, Information Technology, or a related field is preferred. Equivalent practical experience will also be considered.
• Relevant certifications such as
  CompTIA Security+, GIAC Certified Intrusion Analyst (GCIA), or Certified Ethical Hacker (CEH)
  are a strong plus.
• Technical Knowledge & Skills:
• Solid understanding of core security principles and technologies, including firewalls, IDS/IPS, Endpoint Detection and Response (EDR), and vulnerability management tools.
• Hands-on experience monitoring and analyzing events using a
  SIEM platform
  (e.g., Wazuh).
• Familiarity with the incident response lifecycle (identification, containment, eradication, recovery) and knowledge of common attack vectors.
• Strong foundational knowledge of networking protocols (TCP/IP, DNS) and operating systems (Windows, Linux).
• Exposure to
  cloud security concepts
  (AWS and GCP) is highly desirable.

Job Descriptions:

• Protect the organization by managing access, identifying security issues, improving security measures, and performing hands-on security assessments.
• Monitor and respond to security system alerts and incidents.
• Conduct regular security assessments and audits.
• Collaborate with IT teams to implement and improve security protocols.
• Maintain up-to-date knowledge of security trends and threats.

Qualifications:

• Diploma or Bachelor's Degree in Management Information Systems, Computer Science, IT, or related fields.
• Minimum 1 year of experience in a related field (fresh graduates are welcome).
• Knowledge of IT security principles, practices, and problem-solving.
• Experience in security system monitoring and response.
• Understanding of advanced security protocols and standards.
• Familiarity with software and security architecture.
• Excellent analytical and problem-solving skills.
• Preferably can join immediately (ASAP) and willing to be placed at ASYST Office (Soekarno-Hatta Airport Area).
• Willing to be placed as outsource under one of the subsidiaries of Garuda Indonesia.
• Comfortable working in shifting schedules for SOC L1.

What you will do:

• Continuous monitoring of security events and alerts, providing real-time visibility into potential threats, such as

monitoring logs, alerts, and other security-related data

• Being part of the security incident and response team, to actively detect and respond to security incidents,

leveraging the capabilities of SIEM/SOAR to investigate, analyze, and mitigate potential threats.

• Assist identification of potential threats and vulnerabilities through threat hunting activities. This involves

analyzing data to discover patterns or anomalies that may indicate a security issue.

• Prioritizing security alerts based on severity and relevance.

• Assist to implementing automation to streamline repetitive tasks and orchestrate responses to security incidents,

improving efficiency and reducing response times.

• Managing updates, patches, and version upgrades to ensure the platform remains secure and up-to-date with

the latest features and fixes.

• Generating regular reports on security activities, incidents and trends.

What you need:

• Educational background in related field.

• At least 1 year of Security Operations Analyst career-related experience

• Good understanding of networking protocols, infrastructure, and security principles.

• Experience with SIEM operation/administration.

• Experience with at least one of the following cloud service providers: Microsoft Azure, AWS

• Good attitude, commitment to work and good team player.

• Excellent communication (written and oral) and interpersonal skills especially in needs analysis and problem

solving.

• Ability to adapt and have flexibility within a high-growth organization.

• Design, implement, and manage security controls and solutions for cloud platforms (e.g., AWS, Azure, GCP).
• Develop and maintain security automation scripts and tools to streamline security operations.
• Monitor cloud environments for security threats, vulnerabilities, and policy violations.
• Respond to security incidents, including investigation, containment, eradication, and recovery.
• Conduct security assessments and penetration tests of cloud infrastructure and applications.
• Collaborate with engineering and DevOps teams to integrate security best practices into the CI/CD pipeline.
• Develop and enforce cloud security policies and procedures.
• Stay abreast of the latest cloud security threats, technologies, and compliance requirements.
• Build and maintain security documentation, including architecture diagrams and runbooks.
• Provide guidance and mentorship to junior security engineers.
• Participate in security architecture reviews and provide recommendations for improvement.
• Manage security logging and monitoring solutions for cloud environments.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Minimum of 6 years of experience in information security, with a strong focus on cloud security engineering.
• Deep understanding of cloud security principles and best practices across major cloud providers (AWS, Azure, GCP).
• Hands-on experience with cloud security tools such as firewalls, WAFs, IAM, security groups, and encryption services.
• Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for security automation.
• Experience with container security (Docker, Kubernetes) and serverless security.
• Familiarity with security frameworks (e.g., NIST, ISO 27001) and compliance standards.
• Strong understanding of networking concepts and protocols.
• Excellent problem-solving and analytical skills.
• Effective communication and collaboration skills, suitable for a remote team environment.
• Relevant certifications such as CCSP, AWS Certified Security – Specialty, or Azure Security Engineer Associate are highly desirable.

We are looking for an experienced IT Security Operations Center (L2) to join our team. If you have excellent skills we would like to meet you. As a IT Security Operations Center (L2), you'll work closely with our engineers to ensure system consistency and improve user experience.

Job Desc :

• Monitor and analyze security alerts from various sources.
• Conduct in-depth investigations of suspicious activities and incidents.
• Coordinate and escalate security incidents to appropriate teams.
• Perform root cause analysis and recommend solutions to mitigate risks.
• Collaborate with the L1 team to enhance detection capabilities.

PT Metrodata Electronics, Tbk (Digital Solution Provider & Technology Innovator) would like to invite you to be part of the company to develop yourself and your skills.

Qualification :

• Bachelor's Degree Computer Science/Information Technology
• At least 3 year(s) of working IT Security Operations Center (L2) experience
• Experience in analyze and incident handler
• Have experience in performing Incident Handler
• Experience in Threat Hunting

If you meet the requirement we needed, let's apply for the following open positions.

Metrodata not just offer for the job, we offer you for brighter career future.