IT Security Sr. Analyst

Location:

Jakarta, ID

Company: PT Chandra Asri Pacific Tbk

Job Summary:

The Senior IT Security Analyst/Engineer is responsible for formulating strategies, planning, and implementing the development of the company's cybersecurity systems. This role will lead the procurement process for cybersecurity projects, manage related projects, and collaborate with various teams to ensure a strong and compliant cybersecurity posture. The ideal candidate possesses a deep understanding of cybersecurity, experience in project management, and specific knowledge of cloud security (Azure and AWS), this is optional but would be a plus for the candidate. Additionally, the candidate is expected to provide support to the operational teams in their daily tasks.

Key Responsibilities:

Cybersecurity Strategy and Planning:

Analyze the company's current cybersecurity landscape and identify areas for improvement.
Formulate short-term and long-term cybersecurity system development strategies and plans that align with the company's business objectives.
Conduct research and evaluation of the latest cybersecurity technologies and trends for potential implementation.

Cybersecurity Project Procurement:

Lead the process of developing the scope of work (SOW) and technical specifications for cybersecurity system development projects.
Manage the vendor evaluation and selection process for cybersecurity solutions that meet the company's needs.

Be responsible for contract negotiation and managing relationships with cybersecurity vendors.

Cybersecurity Project Management:

Act as a coordinator or project manager for various cybersecurity initiatives, both in IT and OT (Operational Technology) environments.
Plan, execute, monitor, and evaluate the progress of cybersecurity projects according to established schedules and budgets.
Manage risks and issues that arise during project implementation and ensure effective resolution.

Cybersecurity Policy and Procedure Development:

Collaborate with the IT Governance team and strategic management to develop, review, and update the company's cybersecurity policies, standards, and procedures.
Ensure that security policies and procedures align with applicable laws and regulations.
Support the socialization and implementation of security policies and procedures across the organization.

Cloud Security Development (optional but would be a plus for the candidate):

Possess a strong understanding of security architecture in Azure and AWS cloud platforms.
Be capable of designing and implementing security solutions for cloud environments, including security configurations, identity and access management, encryption, and security monitoring.
Ensure compliance with cloud security standards and best practices.

Operational Support:

Provide technical support to the IT operations team in handling security incidents.
Assist the Managed Service Provider (MSP) and Security Operations Center (SOC) teams in investigating and responding to security threats.
Participate in daily operational tasks related to cybersecurity as needed.

Qualifications:

Degree in Computer Science, Information Technology, Information Systems, or a related field.
Possess Network Infrastructure and/or Cybersecurity certifications such as CCNA, CCNP, CEH, CompTIA Security+, or specific product certification.
Cloud security certifications (e.g., Azure Security Engineer Associate, AWS Certified Security – Specialty) will be a plus.
Proven experience in leading cybersecurity projects from initiation to completion.
In-depth knowledge of cybersecurity concepts and best practices, including risk assessment, vulnerability management, incident response, and security awareness.
Understanding of security standards and frameworks such as ISO 27001 or NIST CSF or OT Cybersecurity IEC 62443
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills, including the ability to collaborate with technical and non-technical teams.