Requirements:
• 5+ years of experience in cybersecurity: SOC, blue-team, DFIR, red-team, or security engineering.
• Hands-on experience with SIEM and SOAR platforms (Splunk, Elastic, etc.).
• Proficiency in triaging incidents, working with log sources, and creating detection rules/playbooks.
• Familiarity with frameworks: MITRE ATT&CK, Cyber Kill Chain, NIST CSF.
• Scripting capability (e.g., Python, Bash) to automate security operations or analyze data.
• Experience with security across systems: network, firewall, EDR, WAF, OS, TI feeds, etc.
• Willingness to work outside business hours, including weekends during migrations/integrations.
• Must be based in or willing to relocate to Jakarta.
Job description:
• Design, implement, and maintain security infrastructure (on-premise and/or cloud).
• Perform regular vulnerability scanning, penetration testing, and recommend actionable remediations.
• Monitor, investigate, and respond to security incidents in real time.
• Develop and enforce comprehensive security policies, SOPs, and incident response playbooks.
• Collaborate with infrastructure and development teams to ensure secure configurations and processes.
• Continuously stay updated on the latest security threats, vulnerabilities, and emerging technologies.
• Provide internal security consulting and contribute to risk assessments for new initiatives or systems.
• Participate in security reviews, audits, and compliance processes.