The fastest courier, transport, food delivery and shopping services provider in Indonesia.
Senior Information Security Associate
Job Description / Skills Required
About the role:
As an Information Security Engineer, we are looking for someone who can plan and execute his/her position and responsibilities with guidance from their manager. Senior Security Associates typically acquire the skills, knowledge, and experience necessary to meet the expectations of this level with 2-4 years of relevant industry experience.
This would be a role within Gojek Product Security and as a second-line engineer, this will be mostly to perform manual and automated code reviews, software security testing, and vulnerability assessments for cloud-based tech stack, assist in technical documentation and scripting for automating DevSecOps, besides independently handling product security reviews.
What You Will Do
- Research and report on information security topics in support of security projects and initiatives
- Participate in InfoSec meetings under direct supervision
- Assist senior staff members with security tasks including simple operations and projects
- Execute and complete basic security tasks
- Contribute and document security use cases under guidance of senior team members
- Compile security reports, gather user and system data related to policies and initiatives
- Learn and operate security tools and perform entry level security operational tasks
What You Will Need
- At least 2+ yrs of relevant industry experience
- Software programming skills in <Java, Ruby, GoLang, Scala etc> and microservices application architecture
- Thorough understanding of OWASP Top 10 for Web, Mobile and APIs
- Cloud security basics include cloud native tech like K8s, Dockers, etc
- Usage of Pentest and VA tools like Nessus, Metasploit, Nexpose, nmap, OpenVAS, etc
- Usage of SAST an DAST tools like OWASP ZAP, BurpSuite etc