IT Security Engineer  

Responsibilities:

Yellow Team

• As a Security Architect - Create and enhance security architecture
• Assessing complex IT environments and mapping the data flow of the through systems/applications and organizational functions.
• Architecting and designing cybersecurity solutions for multi-tenant managed security services environment
• Designing shared services / cloud infrastructure environment
• Acting as an expert in cyber defense activities, and building of substantial experience in design, implementation and validation phases for security monitoring projects (SIEM architecture design, IDSP deployment).
• Facilitating architecture sessions to develop enterprise security architecture that fits within clients existing environment.

Green Team [Vacancy Closed]

• Design and Implement Security Solutions: Develop and configure network security architecture, including firewalls, VPNs, and intrusion detection systems.
• Monitor Network Traffic: Continuously analyze network traffic for anomalies and potential threats, using security information and event management (SIEM) tools.
• Conduct Risk Assessments: Regularly evaluate network security measures and conduct vulnerability assessments to identify weaknesses.
• Documentation and Reporting: Maintain documentation of network security policies, procedures, and incidents, providing detailed reports to management.

Blue Team (L1 Analyst) [Vacancy Closed]

• Act as Incident first responder for a 24/7 SOC Operations
• Monitor security sensors and review logs to identify network anomalies or intrusions
• Perform initial analysis of security alerts
• Escalate security incidents using established policies and procedures in a timely manner
• Work with clients to analyse potential security incidents, identifying root cause and implement mitigation step(s)/ remedial action(s)
• Perform Response action based on standardize workflow
• Assist with the development of incident response plans, workflows, and SOPs
• Provide threat and vulnerability analysis security advisory services

Red Team [Vacancy Closed]

• Deliver Red Team Exercises
• Conduct state-of-the-art penetration testing against web applications, network infrastructures, user workstations, network appliances and other devices and technologies.
• Manual and automated security testing of Web applications, APIs, and Mobile Applications.
• Do code review
• Static and Dynamic testing (SAST & DAST) of thick applications
• Develop Proof-of-Concept (PoC) for the identified vulnerabilities.
• Provide remediation guidance to identified vulnerabilities.
• Develop and execute security testing project plans

Minimum Qualifications:

• Bachelor's degree in Cyber Security, Computer Science, Information Technology, or related field.
• Strong interest in cybersecurity with a desire to learn and grow in the field.
• Familiarity with security tools such as SIEM, IDS/IPS, antivirus, and firewalls.
• Ability to work in a fast-paced environment and adapt to changing priorities.
• Excellent problem-solving and communication skills.
• Familiar with code review and any programming languages e.g Go, Java (for Red Team)*
• Available for shift work (for Blue Team L1)*
• Willing to work onsite in OCBC Space (BSD City, Tangerang)

Preferred Qualifications:

• Relevant certifications such as CompTIA Security+, CEH, or CISSP.
• Experience with incident response and security operations.
• Understanding of industry compliance standards (e.g., PCI DSS, HIPAA, GDPR).
• Knowledge of scripting languages (e.g., Python, PowerShell) for automation.