Back to search:It Security / Jakarta
IT Security Services Officer for Cybersecurity Program

Menteng, Jakarta | IDR60,000,000 - IDR120,000,000 | PT. NOOSC Security Global

Posted today

Job Description

General Qualifications:

  • Expertise in implementing cybersecurity frameworks such as NIST, ISO 27001, and CISA.
  • Successful delivery of services to organizations of similar size and complexity.
  • Proven ability to mentor and train internal teams.
  • Familiarity with regulatory requirements and compliance standards.
  • Familiarity with security standards and frameworks.

Soft Skill:

  • Strong verbal and written communication skills (especially for explaining risks to non-technical stakeholders). Indonesian & English.
  • Excellent problem-solving and critical thinking abilities.
  • High degree of integrity, responsibility, and attention to detail.
  • Able to work independently and collaboratively in a team.
Scope of Work Phase 1: Immediate Security Enhancements
  • Launch CSIRT/IRT operation to work with SOC Team to identify incidents reported by SOC and take necessary action to resolve and protect environment.
  • Develop a documented IRP (Incident Response Plan) to detect, respond to, and recover from incidents. Conduct tabletop exercises to test the IRP under real-world scenarios.
  • Provide a detailed security assessment report with actionable recommendations for improvements.
Phase 2: Long-Term Cybersecurity Program Initiation
  • Conduct a comprehensive security assessment including servers, endpoints, and cloud platforms. Work with SOC vendors that deliver vulnerability assessment as their SOC scope. Identify and remediate critical vulnerabilities such as misconfigurations, patching issues, and access control gaps. Collaborate with relative vendor as the executor of necessary actions needed (such as Fortigate firewall check, Bluecat DHCP check, AWS vulnerability check, etc).
  • Create and formalize strong IT security policies for access control, incident response, data protection, and compliance alignment.
  • Evaluate, configure, and optimize security tools such as firewalls, SIEM, endpoint protection, vulnerability scanners, and DLP solutions. Establish Computer Security Incident Response Team align with SOC implementation.
  • Ensure adherence to relevant regulatory requirements and prepare audit-ready documentation, provide evidence of compliance with certifications, reports, or assessments. Establish security rules such like Approval and review process for cloud usage, ensuring users comply with established rules through training and clear guidelines, and implementing detection to identify and address non-compliant activities.
  • Create planning of next year security program to be conducted.
Phase 3: Continuous Maintenance and Optimization
  • Execute annual security program plan and control the progress.
  • Perform periodic vulnerability assessments and penetration testing.
  • Regularly update and patch systems, applications, and tools to address newly discovered vulnerabilities.
  • Monitor the performance of deployed security tools and optimize their configurations.
  • Implement real-time threat detection using SIEM and other monitoring tools.
  • Conduct regular incident response drills and provide post-incident analysis and recommendations.
  • Regularly reassess IT security practices to ensure alignment with evolving regulatory requirements.
  • Maintain security documentation (Policy, Procedure, Guideline, etc).
  • Maintain audit-ready documentation, including risk assessments, incident logs, and compliance reports.
Additional Information

Locally eligible applicants are invited to apply. Applicants from other regions are not accepted for this role.

#J-18808-Ljbffr
Apply on the website