Security Engineer - Offensive Security

Security Engineer - Offensive Security page is loaded

Apply locations Indonesia - Jakarta, Green Office Park 1 time type Full time posted on Posted 30+ Days Ago job requisition id R0006948

It's fun to work in a company where people truly BELIEVE in what they're doing!

Job Description

Securing an organization and its information systems requires a holistic approach that includes continuous security verification, extending beyond standard testing and assessment methods. By assuming the role of a threat actor, the Offensive Security Team delivers valuable findings and insights with practical impact, which must be prioritized. Utilizing an offensive or attacker’s mindset, the team continuously reviews everything within the organization—including applications, infrastructure, and business processes—to identify potential loopholes that could be exploited by a real attacker to compromise the organization. As an Offensive Security team member at Traveloka, your daily tasks encompass penetration testing, adversarial emulation exercises, threat intelligence, maintaining offensive threat models, developing offensive security tools, reviewing bug bounty reports, and hunting vulnerabilities based on commonalities, internal trends, and latest threats. Your coverage area is comprehensive, assessing the organization from an attacker's perspective. We are seeking a candidate with robust cybersecurity technical expertise and solid understanding about cyber intrusion in an organization. This role is crucial for ensuring we stay abreast of the latest threats and are capable of identifying unique and complex challenges specific to Traveloka.

Requirements

Proven track record of highly technical cybersecurity expertise such as CTF (Capture the Flag), bug bounty, publication, blog, open source security tool contribution, speaking engagement, or Offensive Security certification.

Fluent in programming with any language and shell scripting.

Experience in Windows security, Unix security, network security, and web application security is a must.

Experienced in cloud computing like AWS and GCP is a plus.

Experienced in red or purple team exercise is a plus.

Able to practically demonstrate various security vulnerabilities, exploits, and attacks in web applications, computer infrastructure, and personal computers.

Understand about cybersecurity threats related to travel and tech industries.

Excellent written and verbal communication skills

Dedication to cybersecurity alongside a strong commitment to continuous learning about new technologies

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

locations Indonesia - Jakarta, Green Office Park 1 time type Full time posted on Posted 30+ Days Agolocations Indonesia - Jakarta, Green Office Park 1 time type Full time posted on Posted 30+ Days Ago

We don’t innovate for the sake of innovation, we utilize technology to simplify people’s lives so they can enjoy their lives better. That belief is what brought Traveloka to be Southeast Asia’s Leading Travel Platform. Traveloka serves 20+ products that include comprehensive travel services. From transportations to accommodations, discovering nearby attractions, and insurance products to financial services, including the groundbreaking ‘Buy Now Pay Later’.

With 100+ millions downloads in six countries across the SEA region, we aim to keep exploring for better innovations—all to fulfill our users’ travel aspirations so they can enjoy their lives, their way.

Our vision is to enrich people’s life by empowering them in fulfilling their unique travel aspirations, seamlessly.