IT Security Specialist
Alterra
- South Jakarta
- Permanent
- Full-time
1. System Hardening
- Develop and implement security hardening procedures for servers, network devices, and applications to minimize potential attack surfaces.
- Stay updated on industry best practices and emerging threats to continually enhance the security posture.
- Conduct regular vulnerability assessments to identify and remediate security weaknesses.
- Collaborate with IT teams to prioritize and address identified vulnerabilities promptly.
- Establish and maintain a robust patch management process to ensure timely application of security updates and patches.
- Test and validate patches before deployment to minimize disruption.
- Configure and manage security settings for operating systems, databases, and applications.
- Work closely with system administrators and application developers to ensure secure configurations are maintained.
- Enforce compliance with security policies, standards, and regulatory requirements.
- Conduct regular audits to assess compliance levels and address any deviations.
- Conduct periodic security assessments and audits to ensure adherence to security policies and regulatory standards, such as GDPR, HIPAA, PCI DSS, and ISO 27001.
- Collaborate with the incident response team to develop and implement security incident response plans.
- Monitor security event logs and alerts generated by various security systems, such as SIEM (Security Information and Event Management) platforms
- Develop and deliver security awareness training for staff to enhance their understanding of security best practices.
- Provide guidance and security-related inquiries
- 2-3 years of relevant experience in IT Security Area
- Experience with Infrastructure Security Hardening (with focus on Operating Systems)
- Proven experience in information security, including risk assessment, incident response, and security operations
- Strong working knowledge of Microsoft Windows Server Operating System (Windows 2016 +) or UNIX/Linux (SLES, RedHat, Ubuntu) - preferably both
- Familiarity with security frameworks and standards (e.g., CIS Critical Security Controls, NIST)
- Proficiency in using security tools and technologies, such as SIEM platforms, IDS/IPS, endpoint security solutions, and vulnerability management tools.