Lowongan Kerja Jakarta Raya Posisi Lead Threat Detection & Response Engineer di PT Solusi Transportasi Indonesia

Info Loker

Perusahaan	PT Solusi Transportasi Indonesia
Posisi	Lead Threat Detection & Response Engineer
Tempat	Jakarta Raya
Tingkatan Kerja	Supervisor/Koordinator
Kualifikasi	Sarjana (S1)
Jenis Pekerjaan	Full Time
Spesialisasi Dibutuhkan	Penjualan - Teknik/Teknikal/IT, Penjualan / Pemasaran
Gaji Min	Rp. 1.800.000
Gaji Max	Rp. 5.500.000

The Role:
You’ll be part of an exciting team that is responsible for the Grab Cyber Defence functions. The Cyber Defence team is responsible for external threat detection, incident response, threat intelligence, threat hunting, red teaming, insider abuse and insider fraud detection. 
Job Description Summary:
As a Principal / Lead Threat Detection and Response Engineer at Grab, you are a team player and responsible for monitoring, detecting, and responding to potential threats against Grab’s networks around the world. You would be seen as one of the go-to person for one or preferably more of the following such as building Cyber threat detections, responding to Cyber threats, forensic analysis, malware analysis, automating current manual processes and building new solutions to solve the above problems.   Self motivated, you hunt actively hunting through our environment for undetected suspect activity and drive your findings to a post mortem. You’ll use tried and true techniques, tools, and best practices and also invent new ones along the way. You’ll be surrounded by smart, driven people who all care about Grab’s mission and information security. You enjoy engaging with senior and junior staff members and look for opportunities to scale up those around you. You have good public speaking, presentation and written skills and may have presented in conferences. 
 The day-to-day activities:

• Generate: alert criteria for Cyber intrusions and push them to production. Also produce decision criteria and playbooks for alerts, automating as much as possible.
• Mature: existing detection rules, and create automated tests and automation workflows to improve the overall detection capability. 
• Identify: gaps in the current logging capability and suggest mechanisms to remediate these gaps. 
• Hunt: Be proactive and use the latest threat intel and/or best practices to hunt down potentially malicious activity in our network.
• Respond: When an incident occurs, you will be on the front lines of response for the entire company.
• Advise: Help us pick the best solutions to nascent problems – vendors, processes, training. You will use your expertise to shape the future of the team.
• Engage: Enjoy working collaboratively in a close-knit team to address their security challenges while understanding business needs.

  Requirements:

• Ability to contribute to rotating on-call Incident Response roster
• Strong, proven track record of delivering results in fast-paced, resource-scarce environments. Assume your favourite tool is not available but that you have the chance to learn a new one.
• Ability to handle stress effectively and maintain strong output during an incident
• Ability to effectively communicate findings to both technical and non-technical audiences
• Curiosity and a relentless drive to understand how networks work and how they can be abused.
• Cloud expertise – be able to stand toe to toe with our IT and infrastructure teams while bringing an investigator’s mindset to the mix.
• Development – Proficient in using languages like Python or Go to automate tasks and process large amounts of messy data.
• Platforms: Developing security rules in a SIEM platform, workflows in a SOAR platform and working knowledge of cloud platforms. 
• Threat Detection and Incident Response experience – experience conducting IR in cloud environments, experience with multiple security tools/systems/logs (network, EDR, WAF, OS.), working knowledge of frameworks such as ATT&CK and kill-chain and strong communication skills. Able to perform incident root cause analysis to identify intrusion vectors and recommend compensating controls to prevent similar future intrusions.
• Relevant industry certifications – SANS GCIH, GMON, GCIA, security certs for cloud providers (AWS, Azure, GCP), SIEM certs.
• Working collaboratively with other team members
• Mentor new and junior team members

Lamar kerja

Deskripsi Perusahaan

Info Perusahaan

• Industri: Komputer/Teknik Informatika (Perangkat Lunak)
• Ukuran Perusahaan: 201 - 500 pekerja
• Tunjangan dan Lain-lain: Tip, Asuransi kesehatan, Kasual (contoh: Kaos)