About Eterna Indonesia

Eterna Indonesia is a fast-growing BPO company providing multiple business services including IT infrastructure, software development, security operations, and customer support. We bridge top talent from Southeast Asia with innovative U.S.-based businesses through our remote-first model. We are Great Place to Work® certified with over 200+ employees currently working with NASDAQ and Fortune 500 companies.

We are currently hiring an experienced Security Engineer to implement and optimize security tooling and controls for our U.S.-based clients.

About the Role

You'll implement and optimize security tooling and controls for U.S. clients remotely with night shift hours (Indonesian time). This is a hands-on technical role focused on deploying security technologies, hardening systems, and building automation to scale security operations. You'll work closely with SOC analysts, infrastructure teams, and application developers to embed security throughout the technology stack.

Key Responsibilities

• Deploy, configure, and manage EDR/XDR, SOAR, DLP, WAF, and CASB solutions
• Harden endpoints, servers, and cloud platforms according to security benchmarks
• Implement and manage identity & access solutions: SSO, MFA, PAM, just-in-time access
• Build SOC detections, automation workflows, and incident response playbooks
• Integrate security tools with SIEM platforms for centralized monitoring
• Conduct security assessments and vulnerability remediation projects
• Develop scripts and automation to scale security operations
• Implement security controls aligned with NIST CSF, CIS Controls, and ISO 27001
• Collaborate with DevOps teams on security pipeline integration (DevSecOps)
• Document security architectures, configurations, and standard procedures

Requirements (Must-have)

• 3+ years of security engineering or security operations experience
• Deep knowledge of endpoint security (EDR/XDR), network security, and cloud security
• Hands-on experience deploying and managing enterprise security tools
• Strong understanding of identity and access management principles
• Scripting and automation skills (Python, PowerShell, Bash)
• Familiarity with security frameworks (NIST CSF 2.0, CIS Controls v8.1, ISO 27001)
• Understanding of cloud security (AWS, Azure, or GCP)
• Fluent in English (written and spoken) for technical communication
• Willingness to work night shift (Indonesian time) aligned to U.S. business hours

Preferred Qualifications

Security Certifications:

• CompTIA Security+, CySA+, or PenTest+
• (ISC)² CISSP or SSCP
• (ISC)² CCSP (Certified Cloud Security Professional)
• GIAC certifications (GSEC, GCED, GCWN, GCIH)
• Offensive Security OSCP

Cloud Security:

• AWS Certified Security – Specialty
• Microsoft Certified: Azure Security Engineer Associate (SC-200, SC-300)
• Google Cloud Professional Security Engineer

Additional:

• Experience with SOAR platforms (Cortex XSOAR, Splunk Phantom, Demisto)
• Familiarity with DevSecOps practices and CI/CD security integration
• Understanding of zero-trust architecture principles
• Experience with compliance requirements (SOC 2, PCI DSS, HIPAA)
• Prior experience with U.S. Fortune 500 or public company clients

Note: We welcome candidates who are pursuing these certifications or have equivalent demonstrated experience.

Tools & Technologies You May Use

CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black, Splunk SOAR, Palo Alto Cortex XSOAR, Okta, Azure AD/Entra ID, CyberArk PAM, BeyondTrust, Symantec DLP, Netskope CASB, Palo Alto Prisma, CloudFlare WAF, AWS Security Hub, Azure Sentinel, Python, PowerShell, Terraform.