Product Security - Internship

Bengaluru

Applications have closed

Gojek

Gojek is Southeast Asia’s leading on-demand platform and a pioneer of the multi-service ecosystem model, providing access to a wide range of services including transportation, food delivery, logistics and more.

View company page

About the Role
Gojek is looking for talented, highly motivated university students for our Product Security team to help increase the security posture across Gojek. Our future talent will be interns as Information Security. You will wear many hats as you jump into a fast-paced environment and produce results. We value an open culture, like-mindedness & appreciate people from varied security backgrounds and hence we are most willing to work with growth mindset people. You can be part of the journey making path-breaking outcomes that will influence not only your aspirations to lead a career within Information Security but also impact the achievement of Gojek’s mission.

What You Will Do

  • Participate in the development of a small to medium complexity security project, process, or initiative within their technical focus area (cloud security, identity access management, vulnerability management, penetration testing, automation, test/abuse case research, QA etc)
  • Assist Product security teams to review their design/architecture, perform risk assessments, and provide suitable control recommendations as appropriate.
  • Assist the team to build, test, document, and roll out proactive security controls organization-wide.
  • Build reports/dashboards around to capture and present the progress on OKRs and KPIs to stakeholders.
  • Identify additional areas of opportunity and means for knowledge sharing practices across teams
  • Codify the learnings into reusable knowledge snippets/artifacts besides curating the same for continual consumption 

What You Will Need

  • Currently has, or is in the process of obtaining a Bachelor’s or Master’s Degree in Information Technology, Computer Science, Computer Engineering, Information Systems, or relevant technical field experience in a security domain.
  • Knowledgeable in different layers of security such as Network Security, Application Security, and Data security.
  • Some hands-on homework experience on pen testing mobile apps, websites, networks. 
  • Contribution to  bug bounty programs, hacktivist fests, CTF challenges, Open Source and a Github profile would be a plus.
About the Team
Gojek's Information Security team is a group of 70+ security engineers based primarily out of Bengaluru, Singapore, and Indonesia. The Product Security team, a sub-pod of the InfoSec team at Gojek, helps ensure that all applications, products, services, and platforms are being developed with adequate control measures to avoid security breaches, fraud, or abuse. To achieve this, we closely work with our product engineers and build secure software deployed within our cloud infrastructure. Additionally, we run the Gojek bug bounty programs and provide product security incident response capabilities.
Our mission is to enable Gojek engineering teams to build secure software while providing them the appropriate security context to make decisions and ultimately make Gojek the most trusted and safest platform to transact, eat, travel, and have fun 😊
As a team, we are concerned with the growth and safety of the company, and each other's personal growth and well being too. With WFH becoming more normalized, you best believe we have been sharing our favorite ways to prioritize a healthy work-life balance at home. Along with our desire to utilize smart technology and innovative engineering strategies to make people's lives easier, our team also bonds over our shared love for tea, and the latest movies & TV shows.

About Gojek
Gojek is a Super App. It is one app for ordering food, commuting, digital payments, shopping, hyper-local delivery, and a dozen other products. We are Indonesia’s first decacorn. We are  also the only Southeast Asian startup to be part of Fortune's list of 'Companies That Changed The World.'
Our Mission: To create and scale positive socio-economic impact for our customers, driver-partners, business, and MSMEs.
As of 2018, Gojek processed more than $9 billion in annualized gross transaction value across all markets where it operates - in Singapore, Vietnam, and Indonesia. We have the largest food delivery product in Asia (outside of China) and is the largest payments wallet in Southeast Asia.
Gojek contributed IDR 249 T to the Indonesian economy (equivalent to 2% of Indonesia's GDP in 2020). As of Q1 2021, the Gojek App witnessed over 190mn downloads by customers. The platform has over 2mn Driver Partners & ~900000 Merchant Partners across SEA.
About GoTo Financial
GoTo Financial brings secure, reliable, and user-friendly financial solutions to over 55 million monthly active users, more than 14 million merchants, and over 2.5 million driver-partners eager to benefit from the digital economy in the GoTo ecosystem.
GoTo Financial’s consumer services include GoPay, GoPayLater, and other financial services. We also serve businesses of all sizes through leading payment gateway Midtrans, Indonesia’s largest cloud POS network Moka and GoKasir. We also have the all-in-one merchant solution GoBiz, GoBiz Plus, GoStore, and Selly - available in Indonesia and Southeast Asia.
Gojek and GoTo Financial are committed to building a diverse and inclusive workplace and are equal opportunity employers. We do not discriminate on the basis of race, religion, national origin, gender, gender identity, sexual orientation, disability, age, education status, or any other legally protected status.

Tags: Application security Automation Cloud Computer Science CTF GitHub Incident response KPIs Network security OKR Open Source Pentesting Product security Risk assessment Vulnerability management

Perks/benefits: Career development Startup environment

Region: Asia/Pacific
Country: India
Job stats:  30  14  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.