About the Role‍

Eterna Indonesia is recruiting a seasoned SOC Analyst Level 3 to lead advanced detection engineering, incident response for high-severity events, and SOC capability building. This senior, onsite position will serve as the technical escalation point, mentor the SOC team, and help define our security posture while supporting an international client initiative.

Key Responsibilities

• Lead complex incident response: containment, eradication, recovery, and post-incident remediation planning.
  
• Perform advanced threat hunting and deep forensic analysis across endpoints, network captures, and cloud evidence.
  
• Design, implement, and tune advanced SIEM detection use-cases, YARA rules, and correlation logic.
  
• Architect SOAR playbooks and automation to scale response and reduce mean time to detect/respond.
  
• Conduct malware analysis, memory forensics, and attribution where required.
  
• Integrate threat intelligence into operational detection and response pipelines (IOC/BIOC operationalization).
  
• Drive SOC strategy: tooling selection, process improvement, purple-team exercises, and SOC maturity initiatives.
  
• Mentor and train L1/L2 analysts; lead incident post-mortems and remediation programs.
  
• Act as incident commander for high-severity events and communicate technical findings to stakeholders.
  

Requirements (Must-have)

• 5+ years experience in Security Operations, Incident Response, or Digital Forensics.
  
• Deep, demonstrable expertise with SIEM (Splunk, Elastic, Sentinel, QRadar) and EDR/XDR solutions.
  
• Strong background in network and endpoint forensics, packet analysis (Wireshark, Zeek), and malware analysis workflows.
  
• Skilled in scripting for automation and forensic data collection (Python, PowerShell, Bash).
  
• Experience designing SOAR playbooks and mature detection engineering practices.
  
• Excellent English communication for reporting and stakeholder engagement.
  
• Proven leadership and mentoring experience within a SOC or incident response team.
  
• Willingness to work onsite in Jakarta Pusat and participate in on-call rotations.
  
• Availability to start within this week or next is preferred.
  

Preferred Qualifications

• Advanced certifications: GCFA, GCIH, GCIA, CISSP, OSCP, or equivalent.
  
• Experience operating within 24/7 SOC environments and supporting international clients.
  
• Familiarity with cloud-native detection strategies and cloud forensics (AWS/Azure/GCP).
  
• Experience with memory forensics, sandboxing, and advanced reverse engineering.
  

Tools & Technologies You May Use

Splunk / Elastic / Microsoft Sentinel, Cortex XSOAR / Demisto, CrowdStrike / SentinelOne / Carbon Black / Defender, Wireshark, Zeek, Volatility (memory forensics), sandbox tools, Python/PowerShell, Kibana, threat-intel platforms.

Benefits & Total Rewards

• Private insurance coverage including medical & dental.
  
• BPJS Kesehatan and BPJS Ketenagakerjaan (BPJS TK).
  
• Paid Time Off (PTO) per company policy and Indonesian labor law.
  
• E-cash allowance redeemable for work equipment, certifications, or approved work expenses.
  
• Performance-based incentives and competitive senior-level compensation.
  
• Sponsorship for advanced certifications and training, plus leadership development.
  
• Onsite professional environment in Jakarta Pusat, working with international partners.
  
• Significant influence on SOC tooling, processes, and strategic direction.