Product Security Engineer - Merchant Platform
Jakarta
Applications have closed
Gojek
Gojek is Southeast Asia’s leading on-demand platform and a pioneer of the multi-service ecosystem model, providing access to a wide range of services including transportation, food delivery, logistics and more.If you’re looking to be a part of a dynamic, highly-analytical team and an opportunity to dive deep into projects surrounding Product Security, look no further.As our Product Security Engineer for Merchant Platform, you’ll take the wheel in building and maintaining our product security program and. Along with conducting product security, you will be in charge of ensuring security best practices implementation within the Merchant Platform product and infrastructure.
Working closely with data and engineering, you will get to provide a secure platform for our merchants, partners, and consumers. The cherry on top: you’ll get to be a part of a team that works to provide the best protection by having a high standard of information security.
What You Will Do
- Provide technical solution for IT operation and software development team to design a secure application & infrastructure environment, perform penetration testing on application, and maintain the application and infrastructure to fulfill the security best practices
- Designs, develops and maintains small to medium complexity security features and/or process changes with some guidance from more experienced team members.
- Handle and report security incidents and/or findings and communicate to respective stakeholders
- Contribute to automation of security testing based on part of secure SDLC
- Concise documentation for security use cases and operational improvements
- Collaborates in security reviews that follow the standards and practices of information security best practices that are recognized by their team member
- Maintain an up to date information on newest security vulnerability and document plan on mitigation process
What You Will Need
- Have knowledge on Mobile and Web App Security, Vulnerability Management and Penetration Testing
- Preferable to have knowledge on other cyber security domains such as Identity Access Management, DevSecOps, Incident Response, Cloud Security, Zero Trust, etc.
- A strong acumen and understanding of tech architecture for cloud native and microservices based web and mobile applications
- Detailed working knowledge of low-level network protocols (e.g. HTTP, IPv4, TCP, UDP, ICMP, Ethernet, and 802.11), Penetration Testing, Linux/Unix system, Orchestration (Docker, Kubernetes), and Cloud Security
- Have knowledge in penetration testing, documentation, and great attention to detail
- Detailed working knowledge of programming skills for IT security automation, such as python, PHP, or bash scripting
- Preferable to hold IT Security certifications such as OSCP, eWPT, or similar certification
- Demonstrated good communication, interpersonal skills, and Speak and write in English with business-level fluency
The Product Security team in Merchant Platform is responsible for driving security and privacy by design within the product lifecycle and engineering processes besides continuously researching and responding to evolving threats which could impact Merchant Platform product’s viability to service its customers and merchants and remain compliant to the local laws and regulations as amicable. We are a small team of 13 people based in Jakarta.
The great thing about having a small team is that we've all naturally grown very close, both professionally and personally, and really rely on each other to get the job done. Since we started WFH, our team has had a bi-weekly "fun hour" on Thursdays via Zoom. We use the time to share knowledge, update each other on our lives, sometimes work on a joint side project for research and learning, or simply play online games together!
About Gojek
Gojek is a Super App. It is one app for ordering food, commuting, digital payments, shopping, hyper-local delivery, and a dozen other products. We are Indonesia’s first decacorn. We are also the only Southeast Asian startup to be part of Fortune's list of 'Companies That Changed The World.'
Our Mission: To create and scale positive socio-economic impact for our customers, driver-partners, business, and MSMEs.
As of 2018, Gojek processed more than $9 billion in annualized gross transaction value across all markets where it operates - in Singapore, Vietnam, and Indonesia. We have the largest food delivery product in Asia (outside of China) and is the largest payments wallet in Southeast Asia.
Gojek contributed IDR 249 T to the Indonesian economy (equivalent to 2% of Indonesia's GDP in 2020). As of Q1 2021, the Gojek App witnessed over 190mn downloads by customers. The platform has over 2mn Driver Partners & ~900000 Merchant Partners across SEA.
About GoTo Financial
GoTo Financial brings secure, reliable, and user-friendly financial solutions to over 55 million monthly active users, more than 14 million merchants, and over 2.5 million driver-partners eager to benefit from the digital economy in the GoTo ecosystem.
GoTo Financial’s consumer services include GoPay, GoPayLater, and other financial services. We also serve businesses of all sizes through leading payment gateway Midtrans, Indonesia’s largest cloud POS network Moka and GoKasir. We also have the all-in-one merchant solution GoBiz, GoBiz Plus, GoStore, and Selly - available in Indonesia and Southeast Asia.
Gojek and GoTo Financial are committed to building a diverse and inclusive workplace and are equal opportunity employers. We do not discriminate on the basis of race, religion, national origin, gender, gender identity, sexual orientation, disability, age, education status, or any other legally protected status.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Bash Cloud DevSecOps Docker eWPT Incident response Kubernetes Linux Microservices OSCP Pentesting PHP Privacy Product security Python Scripting SDLC UNIX Vulnerability management
Perks/benefits: Career development Flex vacation Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs