Product Security Engineer - CE
Jakarta
Applications have closed
Gojek
Gojek is Southeast Asia’s leading on-demand platform and a pioneer of the multi-service ecosystem model, providing access to a wide range of services including transportation, food delivery, logistics and more.If you’re looking to be a part of a dynamic, highly-analytical team who enjoys working closely with mobile and web application security, look no further. As a Product Security Engineer for Commerce Enablement, you will be handed the reins in security for Gojek/GTF. Along with the Products, Engineering and other related teams, you will be in charge of testing, building, maintaining, and improving security measures to ensure our environment and applications are secure from threats. The cherry on top: you’ll get to be a part of a team that works as a security enabler of our system.
What You Will Do
- Perform in-depth security review and assessment over various products and services Provide the best support and technical solution for product and engineering team to design a secure application & environment
- Develop automation of security testing as part of Secure SDLC
- Designs, develops and maintains small to high complexity security tools & systems
- Participate in Vulnerability and Incident Management activities (e.g: response & handling, mitigation, escalation, reporting, etc)
- Develop, maintain, and operates various tools and systems that support security programs and activities
- Maintain an up to date information on newest security vulnerability and document plan on mitigation process
What You Will Need
- Should have at least 4 years experience in relevant field
- Experience with Mobile and Web App Security, Vulnerability Management and Penetration Testing
- Knowledge on cyber security domains such as Identity Access Management, DevSecOps, Incident Response, Cloud Security, Zero Trust, etc.
- Hands-on experience with various scripting and programming languages (Phyton, bash, Java, etc)
- Deep understanding of cloud and microservices architecture
- Demonstrated good communication and interpersonal skills, also have a strong analytical skill
- Business-level fluency in English, both written and spoken
- Cyber Security certifications such as OSCP, eWPT, or similar are preferable
Our team, we are mutually concerned with various aspects of security in the Commerce Enablement’s products & services, and the supporting Cloud Infrastructure. As a security enabler, our goal is to deliver information security as a business value for the organization. The gist of our role is to enable and improve security measures over our various systems within the Commerce Enablement group by testing, building and promoting automations and orchestrations to ensure that our environment and applications are secure from threats. Should you have a question about what actions that we need to do to prevent any potential breach on our system, we are your people!
About Us
Gojek is a Super App. It’s one app for ordering food, commuting, digital payments, shopping, hyper-local delivery, and dozen other products. It is Indonesia’s first and only decacorn. It's also the only Southeast Asian startup to be part of Fortune's list of 'Companies That Changed The World.'
Our Mission: To create and scale positive socio-economic impact for our customers, driver-partners, business and MSMEs.
As of 2021, Gojek processed more than $9 billion annualised gross transaction value across all markets where it operates - in Singapore, Thailand, Vietnam and Indonesia. We have the largest food delivery product in Asia, (outside of China), and the largest payments wallet in Southeast Asia.
Our investors include Google, Facebook, PayPal, Sequoia Capital, Tencent Holdings among others.
Gojek is committed to building a diverse and inclusive workplace and is an equal opportunity employer. We do not discriminate on the basis of race, religion, national origin, gender, gender identity, sexual orientation, disability, age, education status, or any other legally protected status.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation Bash Cloud DevSecOps eWPT Incident response Java Microservices OSCP Pentesting Product security Scripting SDLC Vulnerability management
Perks/benefits: Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs