Kerja Sepenuh Masa, Cybersecurity Analyst, SG di JERA Global Markets - Maukerja

Responsibilities

The Cybersecurity Analyst will join JERAGM's Information Security team to help protect the company's global Azure-based technology environment. This includes corporate platforms, cloud infrastructure, trading systems, endpoints, and identities. This is a hands-on, implementation-focused role for someone who enjoys building, configuring, automating, and improving security controls.

The role will work closely with Platform, IT, and business teams to embed security into systems, pipelines, and day-to-day operations. It will provide exposure to DevSecOps, cloud security, endpoint and identity security, detection and response, vulnerability management, governance, and emerging AI security risks. The successful candidate will learn quickly, take ownership of operational security tasks, and improve security outcomes through automation, measurable controls, and clear reporting.

Cloud Security, DevSecOps and Automation

• Implement security guardrails across JERAGM's Azure environment using 3rd party and Azure security services including Defender for Cloud, Defender for Containers, Azure Policy, etc.
• Integrate security controls into CI/CD pipelines using Azure DevOps.
• Automate recurring security tasks (control checks, evidence collection, access reviews, remediation tracking) using PowerShell, Python, Bash, Bicep, Terraform, Azure DevOps, Jira and AI.
  
  

IT, Endpoint, and Identity Security

• Maintain endpoint security using Intune and Defender for Endpoint, including compliance policies, hardening baselines, encryption, and attack surface reduction rules.
• Support Entra ID controls: conditional access, MFA, privileged roles, identity protection, and managed/workload
• Operate and tighten Microsoft 365 and SaaS security configurations, including app consent, audit logging, DLP, and email security
  
  

Security Operations

• Triage and investigate alerts across Sentinel, Darktrace, Defender, and other platforms, responding to phishing, malware, and account compromise events.
• Build and tune detections, alert rules, and hunting queries across endpoint, identity, cloud, SaaS, and network sources.
• Coordinate vulnerability management: risk-based triage, remediation follow-up, and reporting to system owners.
  
  

Governance

• Maintain security policies, standards, and procedures aligned with ISO 27001, NIST CSF, CIS, GDPR, and PDPA.
• Document runbooks, procedures, and automation workflows to support knowledge sharing across global IT and security teams.
• Build dashboards and reports using Sentinel workbooks, KQL, Power BI, Grafana, or similar tools for technical and leadership audiences.
  
  

Qualifications

Core Requirements / Qualifications:

• 1-3 years of experience in cybersecurity, IT, cloud, infrastructure, DevOps, or a related technical role.
• Ability to write useful automation using PowerShell, Python, Bash, or similar scripting languages, with working familiarity in Git, CI/CD tooling, infrastructure-as-code concepts, and cloud security fundamentals.
• Foundational understanding of cloud, endpoint, identity, networking, vulnerability management, and incident response concepts, with the ability to investigate alerts, document findings, and explain technical issues clearly to both technical and non-technical stakeholders.
  
  

Desirable Skills:

• Hands-on exposure to tools such as Microsoft Sentinel, Defender for Endpoint, Intune, Entra ID, KQL, Grafana, or equivalent SIEM, XDR, CSPM, SASE, endpoint, and reporting platforms.
• Security certifications such as Security+, SC-900, AZ-500, or equivalent vendor credentials would be advantageous, as would familiarity with AKS, Kubernetes security, Terraform or Bicep, OWASP Top 10, OWASP LLM Top 10, MITRE ATT&CK, MITRE ATLAS, STRIDE, ISO 27001, NIST CSF, CIS, GDPR, or PDPA.
  
  

Other Information

This role offers an excellent opportunity to further develop skills and responsibility within a growing and successful commodity trading business.

JERA Global Markets is committed to promoting equality, diversity, and inclusion in the workplace. We are an equal opportunities employer and value the diversity of our workforce.