Information Security Analyst (Indonesia, USA Working Hours)

The Opportunity:

We are looking for an experienced Information Security Analyst to join our security team. PLEASE NOTE: the role will require that you work USA hours though.

You will help protect our digital assets, detecting and responding to security incidents, and ensuring the continuous improvement of our security posture. You will work to identify security risks, develop, and implement security frameworks, and ensure the integrity and confidentiality of our IT systems and data.

You will be responsible for all KPIs related to cyber security. You will expect to coordinate implementation of all information security related processes together with others at Rainforest Alliance. You will also handle and coordinate task/activities by firms/individuals contracted to provide information security services, working to ensure peers, senior and junior colleagues deliver necessary environment improvements expediently.

You will have a strong technical background. You will also have confirmed hands-on experience in securing Microsoft cloud environments, including Azure, Entra ID, Microsoft 365, Purview, and Defender Suite. Additionally, they will have experience implementing endpoint hardening strategies and using advanced security tools.

Responsibilities:

Security Operations and Incident Response:

• Participate in security incident response activities, including investigation, containment, eradication, recovery, and post-incident analysis.

• Monitor security alerts from various sources (SIEM, EDR, cloud logs) and respond to security incidents promptly.

Security Awareness & Training:

• Contribute to the development and delivery of security awareness training for employees, being a domain authority for security best practices.

Collaboration:

• Work with all IT teams, Enterprise Architecture, PMO and other stakeholders to ensure security is integrated into all aspects of our infrastructure and applications at the design and requirements stage.

Reporting:

• Create weekly and monthly reporting packs, demonstrating rolling position on vulnerabilities, threats, progress against plan on important security projects.

Risk Management:

• Conduct risk assessments and participate in security design reviews to ensure appropriate mitigations are in place for new services and system changes (shifting security left).

Azure Security:

• Administer and configure Azure security services (e.g., Azure Security Centre/Defender for Cloud, Defender for Endpoint, Azure Network Security Groups, Azure Key Vault, Azure Firewall etc).

• Monitor Azure environments for security threats, vulnerabilities, and misconfigurations.

Entra ID (Azure AD) Security:

• Lead and secure Entra ID (Azure Active Directory) including Conditional Access Policies, Multi-Factor Authentication (MFA), Identity Governance, and Privileged Identity Management (PIM).

• Monitor Entra ID for suspicious activity and unauthorised access attempts.

• Implement Zero Trust principles, ensuring least privilege access, secure authentication flows, and continuous risk-based conditional access.

Microsoft 365 Administration & Security:

• Secure Microsoft 365 services (Exchange Online, SharePoint Online, OneDrive, Teams, etc.), looking after user access, data governance, and threat protection within the Microsoft 365 ecosystem.

• Configure and optimise Microsoft 365 security features (e.g., Defender for Office365, Data Loss Prevention (DLP), Microsoft Purview + compliance policies).

Endpoint Hardening:

• Develop, implement, and maintain security baselines and hardening standards for endpoints (Windows, macOS, Linux).

• Configure and handle Microsoft Entra Domain Services based Group Policies (GPOs) and equivalent Mobile Device Management (MDM) solutions for security settings.

XDR:

• Administer, configure, and optimise RA's XDR service, currently Crowdstrike Falcon but planned for migration to Microsoft Defender XDR.

• Monitor alerts and dashboards for endpoint security incidents and threats, perform threat hunting and incident response activities using CrowdStrike data.

• Develop and refine custom detections and response playbooks within CrowdStrike.

Vulnerability Scanning:

• Identify and prioritise remediation of CVE-aligned vulnerabilities

• Provide reporting to IT leadership on progress against remediation targets

• Devise reporting dashboards for senior IT leadership

Required Qualifications:

• Minimum of 3 years of hands-on experience in an information security role.

• Proven working experience and deep understanding of Azure security services and best practices.

• Extensive hands-on experience with Entra ID (Azure Active Directory) and Microsoft 365 security administration.

• Demonstrable experience with endpoint hardening methodologies and implementation.

• Hands-on administration and operational experience with CrowdStrike Falcon platform.

• Experience with security incident response and threat hunting.

• Solid understanding of networking concepts.

• Familiarity with security frameworks (e.g., Cyber Essentials, NIST, ISO 27001).

Benefits of working at the Rainforest Alliance:

Apply now and let's grow together. We look forward to hearing from you and exploring how your skills can help us advance our mission.

Level: 4

Deadline: 29 May 2026

Salary: Commensurate with experience

Notes: Only candidates legally authorized to work in Indonesia will be considered.

If you have any questions about the job vacancy, please contact the HR department: recruitment@ra.org

The Rainforest Alliance encourages diversity and inclusion across the global organization. With this commitment to diversity, we are proud to be an equal opportunity employer and do not discriminate on the basis of gender, race, color, ethnicity, religion, sexual orientation, gender identity, ages, disability and any other protected group.