job description
Join Lintas Teknologi Indonesia as a Security Analyst (SOC L1) and play a pivotal role in safeguarding our digital infrastructure against evolving cyber threats. Based in the vibrant tech hub of Bali (Canggu, Badung), you’ll work alongside a dynamic cybersecurity team to monitor, detect, and respond to security incidents in real time.
As the first line of defense in our Security Operations Center (SOC), you’ll analyze security alerts, investigate potential breaches, and implement proactive measures to mitigate risks. This role is perfect for detail-oriented professionals with a passion for cybersecurity and a desire to grow in a fast-paced, innovative environment.
Why this role? Bali’s booming tech scene offers a unique blend of professional growth and work-life balance, while Lintas Teknologi Indonesia provides cutting-edge tools, continuous training, and a collaborative culture to help you excel.
Responsibility
- Monitor security alerts and logs from SIEM, IDS/IPS, firewalls, and endpoint detection systems 24/7.
- Perform initial triage and classification of security incidents, escalating high-priority threats to SOC L2/L3 teams.
- Conduct thorough investigations of suspicious activities, including malware analysis, phishing attempts, and unauthorized access.
- Document and report security incidents with clear, actionable recommendations for remediation.
- Assist in the development and refinement of SOC playbooks, rules, and detection logic.
- Collaborate with IT and DevOps teams to implement security best practices and patch vulnerabilities.
- Stay updated on emerging cyber threats, attack vectors, and industry trends to enhance threat detection capabilities.
- Participate in on-call rotations for after-hours incident response.
Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, IT, or a related field (or equivalent experience).
- 1-3 years of experience in IT security, SOC operations, or incident response (fresh graduates with certifications are encouraged to apply).
- Hands-on experience with SIEM tools (e.g., Splunk, QRadar, ELK Stack) and network monitoring.
- Familiarity with firewalls, IDS/IPS, EDR/XDR solutions, and vulnerability scanning tools.
- Strong understanding of network protocols, TCP/IP, and common attack methodologies.
- Certifications such as CompTIA Security+, CEH, CISSP, or GIAC are a plus.
- Excellent analytical, problem-solving, and communication skills in English.
- Ability to work under pressure in a fast-paced, shift-based environment.