Lowongan Kerja Jakarta Selatan Posisi Ict Information Security Analyst di PT Petrolink Services Indonesia

Info Loker

Perusahaan	PT Petrolink Services Indonesia
Posisi	Ict Information Security Analyst
Tempat	Jakarta Selatan
Tingkatan Kerja	Pegawai (non-manajemen & non-supervisor)
Kualifikasi	Sarjana (S1)
Jenis Pekerjaan	Full Time
Spesialisasi Dibutuhkan	IT-Admin Jaringan/Sistem/Database, Komputer/Teknologi Informasi
Gaji Min	Rp. 1.800.000
Gaji Max	Rp. 5.500.000

We are seeking an experienced and highly skilled Information Security Analyst to join our organization. As an Information Security Analyst, you will be responsible for ensuring the confidentiality, integrity, and availability of our organization’s information assets. You will play a crucial role in identifying and mitigating security risks, implementing effective security measures, and ensuring compliance with industry best practices and regulatory requirements.

Duties & Responsibilities:

• Conduct regular security assessments and vulnerability scans to identify potential weaknesses or security breaches.
• Analyze security alerts and logs to detect and investigate potential security incidents.
• Develop and maintain information security policies, procedures, and standards to ensure compliance with industry regulations and best practices.
• Implement and manage security controls, including firewalls, intrusion detection and prevention systems, encryption mechanisms, and access controls.
• Monitor and respond to security incidents, conducting thorough investigations and implementing appropriate remediation measures.
• Conduct security awareness and training programs for employees to promote a culture of security awareness and compliance.
• Stay up-to-date with the latest security threats, vulnerabilities, and industry trends to proactively address potential risks.
• Collaborate with cross-functional teams to ensure security is integrated into the design and development of systems, applications, and infrastructure.
• Perform risk assessments and provide recommendations for improving the security posture of the organization.
• Assist in the development and implementation of disaster recovery and business continuity plans.
• Works with internal customers to interpret/clarify/implement security requirements and any changes in the current security practice.
• Continuous improvement of the security defense capabilities.
• Involve in ISO 27001 implementation activities.
• All other duties as assigned.

Skills & Qualifications:

• Proficiency in performing security assessments and audits to identify vulnerabilities and recommend remediation measures.
• Strong knowledge of network protocols, including TCP/IP, DNS, DHCP, HTTP, SSL/TLS, and VPN.
• Experience with security incident response, including incident detection, containment, eradication, and recovery.
• Familiarity with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, and CIS Controls.
• Understanding of web application security, including common vulnerabilities (OWASP Top 10) and secure coding practices.
• Proficient in log analysis and monitoring tools to detect and respond to security events.
• Experience with data encryption technologies, such as disk encryption, file-level encryption, and data-at-rest encryption.
• Familiarity with secure configuration and hardening of various operating systems, databases, and network devices.
• Ability to conduct digital forensics and incident investigation to identify the root cause and impact of security incidents.
• Experience in utilizing common SIEM (Security Information and Event Management) tools such as Splunk, Sentinel, or QRadar to collect, analyze, and correlate security logs and events.
• Experience with vulnerability scanning tools, such as Nessus, Qualys, or Rapid7, to identify and assess security vulnerabilities in systems, networks, and applications.
• Knowledge of cloud security principles and experience working with cloud platforms, particularly Microsoft Azure, including familiarity with Azure Active Directory (Azure AD) and its security features.
• Understanding of Active Directory (AD) and its security configurations, including group policies, permissions, and authentication mechanisms.
• Proficiency in securing web applications and familiarity with common web application vulnerabilities, such as cross-site scripting (XSS), SQL injection, and session hijacking.
• Knowledge of secure network architecture design principles, including network segmentation, DMZ configuration, and secure remote access.
• Familiarity with identity and access management (IAM) concepts, including user provisioning, role-based access control (RBAC), and multi-factor authentication (MFA).
• Strong analytical and problem-solving skills with the ability to quickly identify and resolve security issues.
• Excellent communication and interpersonal skills to effectively collaborate with stakeholders at all levels of the organization.
• Up-to-date knowledge of emerging security threats and trends.
• Understanding of risk management principles and methodologies.
• Working experience in ITSM ticketing tools is an added advantage.

Requirements:

• Bachelor’s degree in computer science, or equivalent work experience.
• Minimum 2 Years working experience as an Information Security Analyst or in a similar role.
• Security certification like Security+, CCNA Security, CCNP Security, GIAC, CompTIA, CEH, CHFI or similar (desirable).

Lamar kerja

Deskripsi Perusahaan

Info Perusahaan

• Industri: Komputer/Teknik Informatika (Perangkat Lunak)
• Ukuran Perusahaan: 51 - 200 pekerja
• Waktu Proses Lamaran: 26 hari
• Tunjangan dan Lain-lain: Waktu regular, Senin - Jumat, Bisnis (contoh: Kemeja), BPJS (Ketenagakerjaan & Kesehatan)