Sorry. This page is not yet translated.
Gojek

The fastest courier, transport, food delivery and shopping services provider in Indonesia.

Senior Information Security Engineer
Bangalore, IN
Job Description / Skills Required

A Senior Information Security Engineer is a go-to expert in one or more information security disciplines with an expertise and wide understanding of security architecture, processes, alignment to stakeholder teams, and accountability for effective measurement of security metrics. H/she should have prior experience in leading and executing large and technically complex security projects and initiatives and can readily lead delivery teams of 4-6 security engineers.
 

What You Will Do

  • Participates in development of a small to medium complexity security project, process, or initiative within their technical focus area (cloud security, identity access management, vulnerability management, penetration testing, etc.)
  • Designs, develops and maintains small to medium complexity security features and/or process changes with some guidance from more experienced team members.
  • Scope of activities are scoped to functional security assignments from senior team members or manager
  • Improves security operations by enhancing use cases, processes, and/or code structure.
  • Implements medium complexity security tasks for projects and delivers concise and clear deliverables
  • Contributes to automation of repeated manual tasks to improve team productivity
  • Has an in-depth understanding of at least a few security domains (application, network, identity access mgmt, vulnerability mgmt, incident response, encryption, remote access etc)
  • Takes responsibility for deliverables, production, process improvements
  • Concise documentation for security use cases and operational improvements
  • Collaborates in security reviews that follow the standards and practices of information security best practices that are recognized by their team members
  • Collaborates with senior security engineers to flesh out implementation details

What You Will Need

  • 5+ years of relevant industry experience.
  • A strong acumen and understanding of tech architecture for cloud native and microservices based web and mobile applications
  • Driving security automation and DevSecOps within engineering lifecycle besides vulnerability/bug remediation through calibration and filtering false positives
  • Experience in using manual and automated scanners like Nessus, Nexpose, Qualysguard, nmap. OpenVAS, Nexpose besides PT kits like Kali Linux, Metasploit etc.
  • Mandatory certification CISSP, OSCP, CEH
  • Desirable certifications like CSSLP, LPT, SANS-GPEN, SABSA