IDX

Associate Security Operations Specialist

  • Posted 9 hours ago

Job Description

Why Join IDX

  • Not Just Any Brands: See your work come to life for iconic brands like Vodafone, Rolls Royce and Diageo.
  • Collaborative Spirit: Work alongside passionate innovators who share your thirst for progress.
  • Continuous Learning: Grow your skills with ongoing training, mentorship, and the freedom to experiment.
  • Fast Paced & Fun: Thrive in a dynamic environment where big ideas and bold action collide.
  • Cutting-Edge Technology: Play with the latest analytics tools, use AR to build immersive digital events, and explore the future of brand storytelling!
  • Global Presence: We Get It Done morning, day and night with offices across multiple time-zones!

Our Perks:

  • 29 paid annual leave days.
  • 10 Festival holidays (including 1 optional Holiday for your special day through the year).
  • Family Insurance Plan.
  • Accident Insurance Plan.
  • Regular Wellness Sessions.
  • Regular Rewards & Recognition.
  • Opportunity to participate in CSR.
  • Opportunity to participate and get involved in Cultural and Sporting Events.

The Gig:

The Associate Security Operations Specialist plays a critical role in strengthening the organization's cybersecurity posture by supporting vulnerability assessment, penetration testing, web application firewall management, security monitoring, and incident detection. This role is designed to build strong hands-on expertise through collaboration with senior security professionals while contributing directly to detection, protection, and response activities across systems, networks, and applications.
The position requires strong analytical skills, a security-first mindset, and a willingness to continuously learn evolving attack techniques, tools, and defensive strategies.

What You'll Be Doing:

Vulnerability Assessment and Penetration Testing (VAPT)

  • Assist in conducting vulnerability assessments and penetration tests across infrastructure, networks, cloud environments, web applications, and APIs.
  • Perform authenticated and unauthenticated scans to identify security weaknesses, misconfigurations, and exposure risks.
  • Learn and utilize industry-standard tools such as Nessus, OpenVAS, Metasploit, and similar security testing platforms.
  • Support manual validation of identified vulnerabilities to reduce false positives.
  • Assist senior team members in analyzing findings, determining risk severity, and prioritizing remediation actions.
  • Help prepare clear and actionable vulnerability assessment and penetration testing reports.
  • Contribute to the development and continuous improvement of vulnerability management processes, workflows, and standard operating procedures (SOPs).
  • Track remediation progress and validate fixes through re-testing activities.

Web Application Firewall (WAF) Management

  • Support the configuration, deployment, and day-to-day management of Web Application Firewalls protecting internet-facing and internal web applications.
  • Assist in implementing security rules to defend against common web attacks such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), file inclusion, and bot-based attacks.
  • Monitor WAF logs, alerts, and dashboards to identify suspicious or malicious activity.
  • Assist in investigating WAF alerts and escalating potential incidents as per defined procedures.
  • Support fine-tuning of WAF policies to balance strong security controls with minimal impact on legitimate business traffic.
  • Collaborate with application developers and DevOps teams to ensure secure application design and adherence to security best practices.
  • Assist in documenting WAF configurations, rule changes, and exception handling processes.

Log Analysis and SIEM Operations

  • Gain hands-on experience analyzing security logs from multiple sources including firewalls, IDS/IPS, servers, endpoints, applications, and cloud platforms.
  • Learn to operate and analyze data using SIEM and log management tools such as Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), and Graylog.
  • Assist in correlating log data across multiple sources to identify anomalies, suspicious behavior, and potential security incidents.
  • Support the creation, tuning, and maintenance of custom queries, alerts, and dashboards for enhanced visibility.
  • Assist senior analysts in root-cause analysis and forensic investigation based on log evidence.
  • Ensure log integrity, retention, and compliance with internal policies and regulatory requirements.

Detection, Monitoring, and Incident Support

  • Assist in continuous monitoring of security alerts generated by IDS/IPS, SIEM platforms, endpoint protection solutions, and other security tools.
  • Learn to triage alerts by assessing severity, impact, and likelihood to distinguish between false positives and genuine threats.
  • Gain understanding of common Indicators of Compromise (IOCs), attack vectors, and adversary techniques.
  • Support investigation of confirmed incidents and assist in containment, eradication, and recovery activities under guidance.
  • Contribute to the development, testing, and tuning of detection rules, correlation logic, and signatures.
  • Assist in maintaining incident response readiness through drills, simulations, and post-incident reviews.

Collaboration, Documentation, and Knowledge Sharing

  • Work closely with SOC analysts, security engineers, IT operations, and development teams to support security initiatives.
  • Assist in maintaining accurate and up-to-date documentation including playbooks, SOPs, runbooks, and incident response procedures.
  • Support compliance and audit-related activities by providing required security evidence and documentation.
  • Participate in internal knowledge-sharing sessions, cross-training programs, and continuous improvement initiatives.
  • Stay updated with emerging threats, vulnerabilities, tools, and industry best practices.

About You:

  • Experience: 6 months to 4 years in Information Security / Cyber Security / SOC / VAPT

  • Vulnerability Assessment & Penetration Testing (VAPT)

  • Authenticated & Unauthenticated Vulnerability Scanning

  • Hands-on with tools such as Nessus, OpenVAS, Metasploit

  • Understanding of OWASP Top 10 vulnerabilities

  • Web Application Firewall (WAF) configuration & monitoring

  • Knowledge of SQL Injection, XSS, CSRF, and common web attacks

  • Log Analysis & SIEM Operations (Splunk / ELK Stack / Graylog)

  • Security Event Monitoring & Alert Triage

  • IDS/IPS concepts and monitoring

  • Basic Incident Response & Root Cause Analysis

  • Indicators of Compromise (IOCs) and threat analysis

  • Vulnerability reporting and documentation

  • Network Security fundamentals

  • Collaboration with SOC, IT, and DevOps teams

About Us

IDX isn't your average communications company. With over 20 years industry experience and a portfolio of prominent global clients, our award-winning communication solutions are seen by billions every month across a global audience.

We seek The Bold. Shatter expectations, push boundaries - that's the fuel that ignites our powerhouse team. Collaboration is our superpower, where we bring expertise and individuality to elevate and deliver. Rising Stars with boundless hunger, this is your launchpad. Seasoned pros who want to define their Legacy in the industry, this is your home. Be BOLD - Own Your Story at IDX.

An Inclusive Workplace

IDX is an Equal Opportunity Employer. We aim to foster an environment that desires and recruits diverse talent, cultivates a culture that celebrates all identities, life experiences, perspectives, and ensures equal opportunity for all. 

 

 


Job ID: 145654523
