Job Description
Complete information about the position and requirements
Yukerja Summary
We curated this Cybersecurity & Compliance Analyst vacancy at MixWork Pte. Ltd. from Glints (Human Resources category). Note the work location (Setiabudi) before applying. Yukerja.com is not the employer; applications are processed on the official source site.
About MixWork & Our Client
MixWork is the premier HR outsourcing partner for strategic workforce solutions, empowering brands and global organizations with skilled, dedicated, and professional top-tier regional teams from South East Asia to accelerate their business growth. On behalf of our client, a premier, household-name retail enterprise headquartered in Singapore with a well-established international footprint and a heritage of quality and operational excellence, we are seeking a dedicated professional to join their team as they actively modernize their omni-channel capabilities and leverage a sophisticated regional technology footprint to support their digital and brick-and-mortar operations.
Role Summary
Own our client's internal IT security governance and compliance posture, and serve as an independent check-and-balance on our client's outsourced MSSP (Managed Security Service Provider). While the MSSP handles SOC operations, CrowdStrike EDR management, firewall management, and NG-SIEM monitoring, this role must have sufficient technical understanding of those platforms to critically review MSSP outputs, challenge findings, identify gaps in MSSP coverage, and provide the Head of IT with an independent assessment of our client's security posture. This person cannot simply accept MSSP reports at face value; they must have the knowledge to know what good looks like, what should have been detected but was not, and whether remediation actions are appropriate.
Key Responsibilities
- Serve as our client's independent internal security check-and-balance against the MSSP: review monthly MSSP reports (CrowdStrike EDR threat summary, Fortinet/WatchGuard firewall analysis, NG-SIEM incident report) with sufficient technical depth to identify gaps, missed detections, or inadequate responses, and escalate concerns to the Head of IT.
- Manage the MSSP SLA: own the relationship, track KPIs, drive remediation timelines for identified vulnerabilities, and hold the MSSP accountable for SLA compliance.
- Manage our client's Microsoft 365 security posture independently: Microsoft Defender for M365, Conditional Access policies, DLP policies, Microsoft Purview sensitivity labels, and Microsoft Intune endpoint compliance.
- Own identity and access governance across all our client’s systems: Entra ID RBAC, Privileged Identity Management (PIM), quarterly access reviews across all SaaS platforms and Azure.
- Own and maintain our client's IT Security Policy, Acceptable Use Policy, Data Classification Policy, and Incident Response Plan.
- Support the Head of IT (DPO) with PDPA compliance: Data Processing Agreement register, DPIAs for new system onboarding, ROPA maintenance, and data breach response coordination.
- Conduct annual security awareness training for all our client’s staff (Singapore and Jakarta); run biannual phishing simulation campaigns.
- Assess new SaaS platforms from a security perspective: data access review, access control configuration, and DPA agreement completion.
Required Qualifications & Experience
- Minimum 5 years of IT security experience, combining hands-on Microsoft 365 security stack knowledge with security governance capability.
- SC-200 (Microsoft Security Operations Analyst Associate) or equivalent certification required.
- Working knowledge of CrowdStrike Falcon (EDR platform): sufficient to understand prevention policies, detection logic, and threat hunt outputs, and to interrogate MSSP CrowdStrike reports and identify whether detections and responses are appropriate. Full CCFR certification is not required; credible technical familiarity is.
- Working knowledge of NG-SIEM platforms (WatchGuard or equivalent) and firewall security (Fortinet/WatchGuard): sufficient to review MSSP threat analysis and challenge findings where appropriate.
- Demonstrable experience managing Conditional Access policies, PIM, and RBAC in a production Azure/M365 environment.
- Practical PDPA or equivalent data protection compliance experience.
- English proficiency at B2 minimum (IELTS 6.0); mandatory assessment at interview.
- Demonstrated proactive independence: surfaces security gaps without being prompted; challenges MSSP outputs with evidence; drives remediation without being managed.
Technical Proficiency
- Microsoft 365 security: Defender for M365, Conditional Access, PIM, DLP, Microsoft Purview, Microsoft Intune.
- Azure Entra ID: RBAC, security groups, Privileged Identity Management, Identity Protection.
- CrowdStrike Falcon: working knowledge of the platform, prevention policies, detection triage, and threat hunt report interpretation. Sufficient to independently review MSSP outputs.
- NG-SIEM (WatchGuard or equivalent): ability to read and critically interpret SIEM alert reports, correlation rules, and incident summaries provided by the MSSP.
- Firewall security (Fortinet/WatchGuard): understanding of firewall threat analysis reports and rule logic, sufficient for informed review of MSSP firewall management.
- Security governance: policy authoring, risk register management, DPA and ROPA documentation.
- PDPA compliance framework: DPIA process, breach notification procedures, data retention policy.
Nice to Have
- CISSP, CISM, or AZ-500 certification.
- CrowdStrike CCFR or CCFA certification (advantageous for deeper MSSP oversight).
- PDP compliance experience.
- NIST CSF or ISO 27001 familiarity.
Statutory Provisions & Compliance
- Full Legal Compliance: Official employment contract managed under MixWork Indonesia, ensuring complete adherence to local labor laws and employment standards.
- Healthcare & Social Security: Full registration and contributions for both BPJS Kesehatan and BPJS Ketenagakerjaan to ensure comprehensive coverage.
- Religious Holiday Allowance: Guaranteed annual mandatory Religious Holiday Allowance (THR) paid in accordance with statutory government regulations.
What We Offer
- Flexible Medical Benefit: Comprehensive healthcare coverage fully inclusive of dental, optical, outpatient care, and wellness treatments to support your overall well-being.
- Daily Allowances: Competitive transportation and meal allowances to support your operational needs.
- Workstation Provisioning: High-performance corporate laptop and necessary technical equipment provided.
- Regional Ecosystem: Access to ongoing global corporate alignment, dedicated HR support, and a stable, creative career trajectory with a premier international brand.
Important Notes
- Language Requirement: As this is an international role, please note that all screenings and interviews will be conducted exclusively in English.
- Equal Opportunity Employer: MixWork is committed to creating an inclusive, diverse, and fair workplace culture. We value talent and capability above all else, completely free from discrimination or bias.