Job description
- Monitor, analyze, and respond to security incidents and alerts across systems, networks, and applications.
- Manage and maintain security platforms including EDR, SIEM, WAF, DLP, and PAM solutions.
- Perform threat analysis, vulnerability assessments, and coordinate remediation activities.
- Investigate and document security incidents, ensuring timely resolution and reporting.
- Implement and enforce access control policies in accordance with company standards.
- Ensure compliance with OJK, BI, ISO 27001, PCI DSS, and other relevant security regulations.
- Collaborate with IT, Infrastructure, and Application teams to enhance system and network security.
- Prepare periodic security reports and provide recommendations for continuous improvement.
Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
- Minimum 3–5 years of experience in IT Security, preferably in the banking or financial industry.
- Strong understanding of information security principles, standards, and frameworks (ISO 27001, NIST, PCI DSS, OJK, BI regulations).
- Hands-on experience with security tools and platforms, such as:
  - Endpoint Detection & Response (EDR) – e.g., CrowdStrike, Sophos, SentinelOne
  - Security Information and Event Management (SIEM) – e.g., Splunk, IBM QRadar, LogRhythm
  - Privileged Access Management (PAM) – e.g., CyberArk, BeyondTrust
  - Web Application Firewall (WAF), DLP, and Threat Intelligence tools
- Knowledge of network and server security, including firewalls, VPN, IDS/IPS, and system hardening.
- Proficient in incident analysis, log monitoring, and threat investigation.
- Experience with access control and identity management systems (Active Directory, IAM, PAM).
- Familiar with cloud security concepts (Azure, AWS, GCP) and hybrid infrastructure environments.
- Strong analytical, problem-solving, and communication skills.
- Ability to work effectively in a fast-paced, regulated environment with attention to detail.