Full Time, Jakarta
- Continuously monitor external sources, including open-source intelligence (OSINT) feeds, dark web forums, and other threat intelligence platforms, to identify emerging cyber threats and trends.
- Collaborate with the Incident Response team to provide timely and accurate threat intelligence during security incidents. Assist in the analysis and investigation of security breaches, working closely with other cybersecurity teams to identify the source and extent of the attack.
- Proactively search for indicators of compromise (IOCs) and suspicious activity within our network infrastructure. Leverage both internal and external threat intelligence sources to identify and mitigate potential threats before they cause harm.
- Develop comprehensive and actionable intelligence reports based on threat findings and analysis.
- Collaboration and Information Sharing: Establish and maintain relationships with external organizations, such as industry peers, law enforcement agencies, and threat intelligence communities. Actively participate in information-sharing initiatives to stay updated on emerging threats and leverage collective knowledge to enhance our defensive capabilities.
- Conduct threat modeling exercises to identify potential vulnerabilities and prioritize them based on the potential impact to the organization. Assist in the creation of risk assessments and provide recommendations for risk mitigation strategies.
- Min. S1 (bachelor's degree) in IT-related fields
- Min. 5 years in a Security Operations Center (SOC) environment.
- Proven experience in cyber threat intelligence analysis and threat hunting
- Preferably from an IT solution integrator (preferably in the banking sector) with a user base of more than 7,000
- Experience using a SIEM, with intermediate knowledge of and skills in the SPL query language
- Passionate about IT and Cybersecurity in particular, with a willingness to stay up to date on hot topics in the field
- Ability to reasonably balance best practices and problem solving in practical situations, considering stakeholders' considerations of risks and reasons
- Experience using and maintaining a TIP (Anomali, ThreatQ, MISP), including the STIX/TAXII standards and the MITRE ATT&CK model.
- Knowledge of and skills in a scripting language (e.g. Python, YAML)
- Certifications: CISSP, CEH, or GIAC GCSI