Childfund International Job Vacancy: Information Security Analyst, Jakarta – Indonesia

CHILDFUND INTERNATIONAL JOB VACANCIES 2023

JOB DESCRIPTION

• Title: Information Security Analyst
• Div/Dept: Talent, Technology & Finance (TTF)
• Reporting Relationship: Manager IT Security
• Work Location: Country Office of Bangalore, India/ Jakarta, Indonesia/ Manilla, Philippines

SUMMARY

The Information Security Analyst performs two core security functions for the enterprise. The first is the day-to-day operations of the in-place security solutions (directly or indirectly) to ensure the secure operation of the in-house and cloud- based computer systems, servers, and network connections. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion. Conduct user activity audits where required.

The second is the involvement in the design implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as assisting in vulnerability audits and assessments. The Information Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.

DUTIES/RESPONSIBILITIES

• Participate in the planning and development of enterprise security architecture, (infrastructure, hardware, and operating systems) and additional involvement in the implementation of IAM solutions for ChildFund
  under the direction of the IT Security Manager
• Participation in the creation of enterprise security documents (policies, standards, baselines, guidelines, architecture, and procedures)
• Participation in the planning, design, and execution of an enterprise Business Continuity Plan, Disaster Recovery Plan, and Change Management Programs.
• Participation in the planning, design, and execution of Group Security Polices via Active Directory for infrastructure and operating systems.
• Device security, encryption techniques, standards, policies and procedures.
• Implements and uses tools in support of network security.
• Work in conjunction with the End Point Management Team.
• Responsible for working with Application Development for roles and authorizations for all applications and developing roles based on segregation of duties authorizations.

Responsibilities will include:

• Documenting roles-based access requirements
• Working with Business teams to develop the organizational segregation requirements for roles for various Line of Business applications.
• Web-Social Networking, responsible for understanding security requirements and best practices in Web and Social Networking.
• Manage all Information Security related vendors, outsourcers, and contractors to obtain protection services and products.
• Participate in the design, manage, and perform ChildFund’s information security awareness program.
• Participate in regular Change Control/Management activities.
• Maintain all documentation pertaining to Security configuration of devices and software.
• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
• Work in conjunction with appropriate resources (inhouse and outsourced) to deploy, manage and maintain all security systems and their corresponding or associated software, including but not limited to firewalls, intrusion detection systems, and anti-virus software.
• Participate in external and internal audits related to IT.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Stay abreast of the ever-changing trends and tools in the field of the information security.

QUALIFICATIONS/EXPERIENCE

• 2+ Years of relevant experience
• 2 – 5 years of network LAN WAN experience
• Knowledge of standard concepts, practices, and procedures of networking
• Knowledge or experience with PCI DSS, SOC 2, ISO 27000 Security Standards is a plus
• Knowledge or experience working with SIEM tools, ticketing systems, and cyber security analytics.
• Knowledge and experience with data privacy, security, and protection.
• Understanding of Security protocols (IPSec), and encryption technologies (3DES, AES, SHA2, TLS).
• A strong working knowledge of Windows operating systems at the server and desktop level is required
• Knowledge of Active Directory and Exchange.
• A working knowledge of Cisco Systems products, VMWare, SAN storage and Cloud environments is a plus.
• Creativity and the ability to grasp new technologies quickly are essential
• Must have strong inter-personal skills and the ability to train and share knowledge
• English Required, Spanish, Portuguese, and/or French as a second language will be a plus
• Some travel may be required
• Must be able to work after hours and weekends as required.

EDUCATION

• Bachelor’s degree in Information Technology or closely related discipline or equivalent relevant work experience.
• MCSE, CompTIA Security+, GIAC Information Security Fundamentals, Microsoft Certified Systems Administrator: Security, (ISC)2 SCCP, (ISC)2 CISSP, (ISC)2 ISSAP certifications preferred but not required.

Use the below link to apply for the position.

CLICK HERE

Last Application date: February 28,2023

Disclaimer: This job description is not an exhaustive list of the skill, effort, duties, and responsibilities associated with the position