Eterna Indonesia is building out a Security Operations capability and is hiring SOC Analysts across experience levels (entry → senior). We are partnering with a U.S.-based cybersecurity company that is opening a new SOC division in Indonesia; successful hires will join the team we are supplying to support that initiative. (Client name is intentionally omitted from this posting.)
This is an English-speaking, onsite role in a professional Jakarta Pusat office. You'll work on real production systems used by international clients, drive incident response, and help mature detection capabilities. We welcome candidates who are methodical under pressure, curious about threat behavior, and committed to continuous learning.
What You'll Work On (overview)
You will monitor, investigate, and remediate security events across cloud, network, and endpoint telemetry. Responsibilities span alert triage, forensic investigations, threat hunting, detection engineering, automation, and cross-team coordination with DevOps, Engineering, and IT. Depending on experience, you may focus on first-line triage (L1), deeper investigations and remediation (L2), or leading high-severity incident response and shaping detection strategy (L3).
Core Responsibilities (all hires)
- Monitor SIEM, EDR/XDR, IDS/IPS, WAF/proxy and cloud logs, and threat feeds for suspicious activity.
- Triage alerts, create accurate incident tickets, and follow playbooks/runbooks to contain and escalate incidents.
- Perform log correlation, timeline reconstruction, and preserve evidence for investigations.
- Coordinate remediation with engineering and operations teams (patches, isolation, recovery).
- Tune detection rules, reduce false positives, and contribute to playbook/runbook improvements.
- Participate in shift rotations and on-call schedules as required for 24/7 coverage.
- Produce clear written incident notes and technical reports for both technical and non-technical stakeholders.
- Continuously research new TTPs (tactics, techniques, procedures) and share knowledge with the SOC team.
Focus by Level
- Junior / L1: First-line alert triage, basic enrichment, following playbooks, escalating validated incidents, and maintaining ticket and evidence hygiene.
- Mid / L2: Deep investigations across endpoints/networks, moderate forensic tasks, remediation coordination, detection tuning, and automation of repetitive processes.
- Senior / L3: Lead complex incident response and threat-hunting, design and tune advanced detections (SIEM/SOAR), perform memory/malware forensics, mentor peers, and help shape SOC strategy and tooling.
Requirements (all levels)
- Professional fluency in English (spoken & written).
- Solid fundamentals in networking (TCP/IP, DNS, HTTP/S), Windows & Linux internals, and log analysis.
- Practical experience with at least one SIEM or log platform (Splunk, Elastic/ELK, Microsoft Sentinel, QRadar, or similar) OR demonstrated ability to learn quickly.
- Familiarity with EDR/XDR solutions (or willingness to train quickly): CrowdStrike, SentinelOne, Carbon Black, Microsoft Defender, etc.
- Strong attention to detail and disciplined incident documentation / evidence handling.
- Calm analytical problem-solving under pressure, good teamwork and communication skills.
- Willingness to work onsite in Jakarta Pusat and participate in shift/on-call rotations.
- Availability to start this week or next is strongly preferred — please state earliest start date in your application.
Preferred / Nice-to-Have
- Certifications: CompTIA Security+, GCIH, GCFA, GCIA, CEH, CISSP, OSCP, CHFI, or equivalent.
- Hands-on experience with packet capture & network forensics tools (Wireshark, Zeek, Suricata).
- Experience with SOAR platforms (Cortex XSOAR, Demisto) and scripting (Python, PowerShell, Bash).
- Memory forensics / malware analysis exposure (Volatility, sandboxing) for advanced roles.
- Cloud security monitoring experience (AWS CloudTrail/CloudWatch, Azure Monitor, GCP logging).
- Prior SOC experience in a 24/7 environment and working with threat-intel platforms (TIPs).
- Familiarity with MITRE ATT&CK and detection engineering principles.
Tools & Technologies
Splunk / Elastic / Microsoft Sentinel, CrowdStrike / SentinelOne / Carbon Black / Defender, Wireshark, Zeek, Suricata, Cortex XSOAR / SOAR platforms, Python / PowerShell / Bash, Kibana, firewall/IDS/WAF logs, cloud logging, memory forensics tools.
Benefits & Total Rewards (complete)
We provide a comprehensive benefits package to support your health, career growth, and day-to-day needs:
- Private insurance (company-sponsored) including medical & dental coverage.
- BPJS Kesehatan (national health insurance) and BPJS Ketenagakerjaan (BPJS TK).
- Paid Time Off (PTO) — annual leave and sick leave in line with company policy and Indonesian labor law.
- E-cash allowance redeemable for work equipment, training, certification fees, or approved work expenses.
- Performance-based incentives and competitive base salary matching market rates.
- Training & certification support — sponsorship for relevant security certifications and on-the-job training.
- Professional, collaborative onsite workspace in Jakarta Pusat with exposure to international clients and real incidents.
- Clear career progression and mentoring from senior SOC professionals.
You'll be part of a professional SOC operation supporting international customers and a U.S.-based partner launching a local SOC division. This is a chance to accelerate your career, work with industry-grade tooling, and receive structured mentorship and certification support while contributing to tangible security outcomes.