Deskripsi Pekerjaan:

• Applying DevSecOps knowledge help implement Secure-SDLC with appropriate CI-CD integrations. 
• Participate in technical and product review meetings making sure that the security concerns are taken care of. 
• Conduct design reviews, code reviews and threat modelling of the Product features 
• Produce detailed threat models of the products 
• Perform penetration testing on the products and uncover vulnerabilities 
• Automate/Script penetration testing to enable us to scale faster 

Kualifikasi:

• Ability to develop technical solutions and use existing tools to help discover and mitigate security vulnerabilities. 
• Ability to code/script in at least one programming language like Python, Java, GoLang, C++. Excellent knowledge of pen testing tools and procedures for Web/Mobile 
• Good understanding of our Cloud\Mobile technologies 

Flair for automation: 

1. Should be passionate about automating security testing and penetration testing using tools and code. 
2. Should have decent knowledge of Secure-SDLC DevSecOps integrations into the CI-CD pipeline 
3. Passion for system architecture with a primary focus on security aspects 
4. Fundamental understanding of security best practices. Review security vulnerabilities and determine what modifications are needed to minimize risk to the organization via enhancements to the existing environment. 

• Excellent ability to communicate technical solutions. Assist in developing test plans, test the products, make recommendations, and assist in developing the architecture and implementation plan for approved solutions. 

Teamwork and advocacy: 

1. Fostering a culture of security consciousness across various teams. 
2. Develop and maintain a comprehensive set of security benchmarks and guidelines that are readily adoptable by system and network administrators and software engineers. 
3. Around 2-3 years of experience in Security engineering 
4. A Bachelors/Master’s in Computer Science, Mathematics or an equivalent quantitative