SDET II (Security)

Halodoc is looking for an individual who can adopt the mindset of an attacker to proactively identify security vulnerabilities and collaborate closely with cross-functional teams to promptly address them. This role involves taking charge of the end-to-end secure development requirements, discovering vulnerabilities and security misconfigurations through Penetration Testing, Vulnerability Assessment, Threat Modeling, Red-teaming exercises, etc. You are expected to provide the remediation strategy specific to the Halodoc product tech stack by carefully considering the tradeoffs between security and user experience. We value individuals who are passionate about staying ahead in security, leveraging emerging technologies like LLMs and adopting innovative methodologies to enhance our security posture. The ideal candidate is a team player with strong communication skills, creative problem solving abilities and a strong passion for product security.

To apply for this position, you must have:

Minimum 6 years of experience building and securing software, with at least 4 years focusing on Web and Mobile application security testing.

Experience in deploying application security technologies such as SAST, DAST, IAST, SCA, etc.

Ability to analyze security requirements and design secure cloud solutions based on AWS services.

Enthusiasm for writing code, and helping others do the same.

Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.

Proactiveness and be self-driven to be successful working in a remote environment.

SDET II, Application Security Job Responsibilities:

Conduct product/feature level Design Reviews, Code Reviews, Threat Modeling, Web/Mobile Penetration Testing and Vulnerability Assessment and work with developers to resolve them.

Working in a DevSecOps environment, with a focus on automating security testing in the development pipeline and implementing new or improved technologies and tooling, such as SAST, DAST, SCA, etc., to strengthen Halodoc security posture and drive innovation while maximizing ROI.

Investigate user security issues, utilizing product knowledge and logs to understand potential incidents and proposing improvements to monitoring for quicker detection and containment of the similar issues.

Support Halodoc Bug Bounty program through triaging submissions, proposing remediations and determining the root cause and severity of the reported vulnerabilities.

Take an active role in driving internal security and privacy initiatives.

Interact directly with the security community regarding vulnerabilities and threats.

Analyze, assess, and respond to the various security threats.

Good to have Qualifications:

OSCP and or AWS Certified Security certification is a plus.

Bug bounty experience is a plus.

Research on AI-specific security threats including prompt injection, backdoor, privacy extraction.

Preferred Qualifications

Contributions to the security community (public research, blogging, presentations, etc) B.S. or M.S. Computer Science or related field, or equivalent experience

Similar Jobs

No jobs found

Halodoc is a health-tech platform with a mission to simplify access to healthcare by connecting millions of patients with licensed doctors, insurance, labs, and pharmacies in one mobile application. Halodoc’s innovative technology, nimble services, and patient focus enable a host of solutions including 24/7 doctor teleconsultation; medicine purchase & delivery; lab services at home; and strong CS.

Halodoc is the 2018 Forbes Indonesia Choice Award winner and Galen Growth’s 2018 Most Innovative HealthTech Startup in Asia, a testimony to a team of compassionate, innovative, trustworthy and agile people who take ownership of their work in building the most trusted digital healthcare company.

Halodoc is a health-tech platform with a mission to simplify access to healthcare by connecting millions of patients with licensed doctors, insurance, labs, and pharmacies in one mobile application. Halodoc’s innovative technology, nimble services, and patient focus enable a host of solutions including 24/7 doctor teleconsultation; medicine purchase & delivery; lab services at home; and strong CS.

Halodoc is the 2018 Forbes Indonesia Choice Award winner and Galen Growth’s 2018 Most Innovative HealthTech Startup in Asia, a testimony to a team of compassionate, innovative, trustworthy and agile people who take ownership of their work in building the most trusted digital healthcare company.

Alamat email kamu