1. Job Responsibilities

Security Monitoring & Operations

  • Monitor and operate security systems using tools such as Firewall (NGFW), IDS/IPS, WAF, SIEM, DLP/DDP, VPN.
  • Manage, configure, and upgrade security and network devices, including firewalls, VPN, switches, and anti-virus systems.
  • Detect, analyze, and handle security incidents such as malware, brute force attacks, DDoS, phishing, web attacks, and other abnormal activities.
  • Coordinate with IT teams to ensure system security and stability.

Risk Assessment & Control

  • Assess security risks for new systems and IT projects.
  • Coordinate with external vendors to conduct penetration testing and vulnerability assessments.
  • Support remediation and tracking of identified security issues.

Regulatory Compliance & Documentation

  • Develop, review, and update Information Security (IS) procedures, including:
    + Access management
    + Risk management
    + Incident response
    + Backup and Disaster Recovery (DR)
  • Support internal audits and compliance activities as required.

Incident Response

  • Execute the incident response process according to defined procedures.
  • Conduct root cause analysis (RCA) for security incidents.
  • Prepare incident reports and report to the IT Director.

2. Requirements

  • Bachelor’s degree from a University in Information Technology, Information Security, Cybersecurity, or related majors.
  • Minimum 3 years of experience in Cybersecurity, Information Security, or Security Operations roles.
  • Solid knowledge of cybersecurity fundamentals and hands-on experience with security technologies, including Firewall, IDS/IPS, WAF, SIEM, DLP/DDP, and VPN.
  • Experience working with Linux and Windows Server environments.
  • Knowledge of database security (Oracle, MS SQL, PostgreSQL).
  • Good understanding of networking concepts such as TCP/IP, NAT, routing, VLAN, and load balancing.
  • Understanding of Web Application Security (OWASP Top 10) and API security.
  • Strong analytical thinking, problem-solving skills, and ability to respond quickly to security incidents.
  • Good communication skills; able to work effectively with cross-functional teams.
  • Good English skills.
  • Security certifications such as Security+, CEH, CySA+, or equivalent are a plus.
  • Experience in financial services or regulated environments is an advantage.