The Opportunity:

We are seeking an experienced and highly motivated Information Security Analyst to join our security team.

This role will be critical in protecting our digital assets, detecting and responding to security incidents, and ensuring the continuous improvement of our security posture.

You will work proactively to identify security risks, develop, and implement security frameworks, and ensure the integrity and confidentiality of our IT systems and data.

The successful candidate will be responsible for all KPIs related to cyber security. You will be expected to coordinate implementation of all information security related processes in conjunction with others at Rainforest Alliance. You will also be handling and coordinating task/activities by firms/individuals contracted to provide information security services, working to ensure peers, senior and junior colleagues deliver necessary environment improvements effectively and expediently.

The ideal candidate will have a strong technical background and confirmed hands-on experience in securing Microsoft cloud environments (Azure, Entra ID, Microsoft 365, Purview, Defender Suite), implementing endpoint hardening strategies, and using advanced security tools.

Key Responsibilities:

Security Operations & Incident Response:

• Participate in security incident response activities, including investigation, containment, eradication, recovery, and post-incident analysis.
• Monitor security alerts from various sources (SIEM, EDR, cloud logs) and respond to security incidents in a timely manner.
• Develop and maintain security documentation, including procedures, runbooks, and incident response plans.
• Conduct vulnerability assessments and assist in penetration testing remediation efforts.

Security Awareness & Training:

• Contribute to the development and delivery of security awareness training for employees, acting as a domain authority for security best practices.

Collaboration:

• Work closely with all IT teams, Enterprise Architecture, PMO and other stakeholders to ensure security is integrated into all aspects of our infrastructure and applications at the design and requirements stage.
• Through reporting, monitoring and alerting, find opportunities for automation and improvement of RA security posture, including exception handling of threat alerts, patches, system and software vulnerabilities.

Reporting:

• Creation of weekly and monthly reporting packs, demonstrating rolling position on vulnerabilities, threats, progress against plan on key security initiatives.

Risk Management:

• Conduct risk assessments and participate in security design reviews to ensure appropriate mitigations are in place for new services and system changes (shifting security left).

Azure Security:

• Administer and configure Azure security services (e.g., Azure Security Centre/Defender for Cloud, Defender for Endpoint, Azure Network Security Groups, Azure Key Vault, Azure Firewall etc).
• Monitor Azure environments for security threats, vulnerabilities, and misconfigurations.
• Implement and make sure security best practices within Azure IaaS and PaaS deployments, audit Azure resources for compliance.

Entra ID (Azure AD) Security:

• Lead and secure Entra ID (Azure Active Directory) including Conditional Access Policies, Multi-Factor Authentication (MFA), Identity Governance, and Privileged Identity Management (PIM).
• Monitor Entra ID for suspicious activity and unauthorised access attempts.
• Implement Zero Trust principles, ensuring least privilege access, secure authentication flows, and continuous risk-based conditional access.

Microsoft 365 Administration & Security:

• Secure Microsoft 365 services (Exchange Online, SharePoint Online, OneDrive, Teams, etc.), looking after user access, data governance, and threat protection within the Microsoft 365 ecosystem.
• Configure and optimise Microsoft 365 security features (e.g., Defender for Office 365, Data Loss Prevention (DLP), Microsoft Purview + compliance policies).

Endpoint Hardening:

• Develop, implement, and maintain security baselines and hardening standards for endpoints (Windows, macOS, Linux).
• Configure and handle Microsoft Entra Domain Services based Group Policies (GPOs) and equivalent Mobile Device Management (MDM) solutions for security settings.
• Ensure secure configuration and patch management across all endpoints.
• Report on exceptions to relevant Team Managers and ensure mitigation is undertaken, through regular engagement.

XDR:

• Administer, configure, and optimise RA’s XDR service, currently Crowdstrike Falcon but planned for migration to Microsoft Defender XDR.
• Monitor alerts and dashboards for endpoint security incidents and threats, perform threat hunting and incident response activities using CrowdStrike data.
• Develop and refine custom detections and response playbooks within CrowdStrike.

Vulnerability Scanning:

• Identify and prioritise remediation of CVE-aligned vulnerabilities
• Provide reporting to IT leadership on progress against remediation targets
• Notify IT teams of emerging high/critical vulnerabilities and coordinate remediation planning
• Devise reporting dashboards for senior IT leadership

Required Qualifications:

• Minimum of 3 years of hands-on experience in an information security role.
• Proven working experience and deep understanding of Azure security services and best practices.
• Extensive hands-on experience with Entra ID (Azure Active Directory) and Microsoft 365 security administration.
• Demonstrable experience with endpoint hardening methodologies and implementation.
• Hands-on administration and operational experience with CrowdStrike Falcon platform.
• Experience with security incident response and threat hunting.
• Solid understanding of networking concepts.
• Familiarity with security frameworks (e.g., Cyber Essentials, NIST, ISO 27001).
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a team in a fast-paced environment.
  

Preferred Qualifications:

• Relevant security certifications (e.g., AZ-500 Microsoft Certified: Azure Security Engineer Associate, SC-200 Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CISSP, GIAC certifications).
• Experience with scripting languages (e.g., PowerShell, Python) for automation and security tasks.
• Knowledge of cloud security posture management (CSPM) tools.
• Demonstrable experience with other EDR/XDR solutions.
• Understanding of regulatory and technical compliance requirements (e.g., GDPR, HIPAA, PCI DSS, CIS, NIST, ISO27001).

Level: 4

Deadline: 26 December 2025

Salary: Commensurate with experience

Notes: Only candidates legally authorized to work in Indonesia will be considered.

If you have any questions about the job vacancy, please contact the HR department: recruitment@ra.org

The Rainforest Alliance encourages diversity and inclusion across the global organization. With this commitment to diversity, we are proud to be an equal opportunity employer and do not discriminate on the basis of gender, race, color, ethnicity, religion, sexual orientation, gender identity, ages, disability and any other protected group.