Senior Incident Responder
Jakarta
Applications have closed
Gojek
Gojek is Southeast Asia’s leading on-demand platform and a pioneer of the multi-service ecosystem model, providing access to a wide range of services including transportation, food delivery, logistics and more.

As part of our security operations function, we need an experienced firefighter who can expertly own, manage, respond to and investigate cyber security incidents. The scope can include digital forensic investigation in combination with containment, remediation, and root-cause analysis of security incidents and vulnerabilities. The role is also expected to develop elegant solutions to complex problems and apply appropriate technologies while following security engineering best practices.
What You Will Do
- Monitoring, identification and response to cyber security incidents
- Cyber security investigation at the network, endpoint and cloud
- Host based and Network packet capture/traffic analysis
- Security Incident Event Management (SIEM) design, implementation, rule development and fine-tuning to detect security incidents and anomalies
- Conduct research and analysis on local and worldwide cyber threat streams against Gojek
- Build relationships with stakeholders and leadership across the organization to influence change and drive consistency with Security Operations (SecOps) standards
- Collaborate and provide oversight and guidance for periodic security assessments to ensure compliance with corporate security policies and alignment to best practices
- Support operational security remediation activities resulting from security assessments, penetration tests, red team exercises
What You Will Need
- At least 8 years of experience in information security, in particular cyber incident response and/or digital investigations
- Successfully led or contributed to investigations as an IC or team member
- Effectively manage the different business and IT stakeholders affected by a major incident, providing business risk assessments of cyber threats and technical vulnerabilities
- Experienced in conducting investigations within cloud and SaaS platforms, logging platform
- Experienced in conducting investigations using scripts (Python, PowerShell, etc.) and automation
- Working knowledge in operating SIEM, SOAR and CTI Solutions, Host-based Security Investigation, Mobile OS, Application Security, Web Services
- Current understanding of Operating IPS/IDS, Network Monitoring solutions, Net flow collector and Analyzer, Network Traffic/Packet analysis, operating EDR system
- Working knowledge of malware analysis (deobfuscation) and malware reverse engineering is a bonus
- Certified in one or more of the following would be a bonus: CISSP, CISA, CCNA, CISM, SANS GIAC
Gojek Information Security function is responsible for providing a secure and trustworthy ecosystem, delivering a world-class product security capability while ensuring compliance and, last but not least, making Gojek the safest cyber workplace for our GoTroops.
About Us
Gojek is a Super App. It’s one app for ordering food, commuting, digital payments, shopping, hyper-local delivery, and a dozen other products. It is Indonesia’s first and only decacorn. It's also the only Southeast Asian startup to be part of Fortune's list of 'Companies That Changed The World.'
Our Mission: To create and scale positive socio-economic impact for our customers, driver-partners, business and MSMEs.
As of 2021, Gojek processed more than $9 billion annualised gross transaction value across all markets where it operates - in Singapore, Thailand, Vietnam and Indonesia. We have the largest food delivery product in Asia (outside of China), and the largest payments wallet in Southeast Asia.
Our investors include Google, Facebook, PayPal, Sequoia Capital, Tencent Holdings among others.
Gojek is committed to building a diverse and inclusive workplace and is an equal opportunity employer. We do not discriminate on the basis of race, religion, national origin, gender, gender identity, sexual orientation, disability, age, education status, or any other legally protected status.
Perks/benefits: Startup environment Team events