Reporting To (position):
DKI Jakarta, Indonesia
This role supports all aspects of Petrolink Information Security function, reporting to the Information Security Lead.
This position requires deep understanding of network security, risks, threats and prevention measures.
The candidate will be expected to analyses vulnerabilities and threats and, coordinate responses. They will assists in the maintenance and configuration of our endpoint protection suite, participate in vulnerability scans and reporting and assist with Information Security awareness activities such as training and readiness exercises.
Duties & Responsibilities
- Plan, design and build of information security scanning controls and the supporting security architectures.
- Develop, document and implement enterprise information security monitoring procedures for on-premise and cloud hosted infrastructure.
- Perform vulnerability testing, risk analyses and security assessments.
- Identify and suggest system and network security requirements.
- Investigate and respond to security incidents and violations.
- Configure and troubleshoot security infrastructure devices.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities.
- Investigate known and suspected information security events and develop related reports.
- Raise awareness of security policies and develop activities for enforcing information security awareness culture.
- Works with internal customers to interpret/clarify/implement security requirements and any changes in the current security practice.
- Continuous improvement of the security defence capabilities.
- All other duties as assigned.
Skills & Qualifications
- Hands-on technical proficiency with ICT Infrastructure devices, firewalls, IDS/IPS, DLP, Antivirus, Active Directory and SIEM tools.
- Demonstrated proficiency in network and/or system administration.
- Knowledge of network technologies not limited to Routers, Switches, Firewalls.
- Knowledge on computer forensic tools, technologies and methods.
- Experience with security scanning tools, specifically with Nessus.
- Incident Management and analysis experience on security events and logs.
- Working knowledge of web application firewalls, load balancers and proxies.
- Knowledge and understanding of the Centralized Antivirus System.
- Ability to meet deadlines and adjust to changing priorities to meet business goals.
- Familiarity with threat intelligence and network forensic tools will be added advantage.
- Understanding of Windows, Linux, Mac operating systems, threats, and vulnerabilities.
- Excellent English communication skills both written and verbal.
- Security certification like Security+, CCNA Security, CCNP Security, GIAC, CompTIA, CEH, CHFI or similar (desirable).
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills.