Mid Security Engineer (Offensive)
Security Engineer II position at JPMorgan Chase focusing on Java development, AWS, and Terraform implementation for cybersecurity solutions.
Software Development Engineer role at Amazon Security focusing on threat engineering and development to protect customer data through innovative security solutions.
Software Development Engineer role at AWS Shield Infrastructure team focusing on DDoS protection and network security, offering competitive compensation and growth opportunities.
Remote Security Engineer position at Disney, focusing on cybersecurity, application security, and vulnerability management with competitive compensation and benefits.
Product Security Engineer role at Amazon focusing on payment security, requiring 3+ years of application security experience and strong programming skills.
Description For Mid Security Engineer (Offensive)
tiket.com is a leading travel technology company serving over 50 million users, focused on providing the best travel booking experience for their customers. They are seeking a Mid Security Engineer (Offensive) to join their Technology Infrastructure & Security team in a hybrid work arrangement based in Jakarta.
The role combines both offensive and defensive security responsibilities, requiring a strong background in cybersecurity with at least 3 years of experience. The position involves crucial security operations including incident response, vulnerability management, and implementation of security measures using various tools and technologies.
As a Security Engineer, you'll be responsible for protecting the company's assets and users through various security initiatives, from conducting thorough security analyses to implementing defensive technologies. The role requires both technical expertise in security tools and programming, as well as strong communication skills for stakeholder management.
The ideal candidate will bring a combination of hands-on technical experience with security tools, programming capabilities, and a strong understanding of security frameworks like OWASP and CVSS. Additional certifications such as OSCP, GCIH, or GMON are valued, as is experience with compliance standards like PCI DSS and ISO 27001.
This is an excellent opportunity for a security professional looking to make a significant impact in a large-scale travel technology platform, working with modern security tools and frameworks while protecting millions of users' experiences.
Responsibilities For Mid Security Engineer (Offensive)
- Investigate and respond to security incidents
- Conduct security log analysis to identify vulnerabilities and threats
- Perform risk scoring based on OWASP Risk Rating and/or CVSS
- Utilize and manage security defensive technologies (SIEM, WAF, and Bot Management tools)
- Implement and maintain security measures
- Develop and implement security solutions (automation)
- Conduct regular code reviews
- Prepare detailed reports on security assessments
- Deliver presentations to stakeholders on security findings
Requirements For Mid Security Engineer (Offensive)
- Minimum of 3+ years of experience in cybersecurity (defensive)
- Experience in programming and security vulnerability management
- Ability to perform risk scoring using OWASP Risk Rating and/or CVSS
- Experience with security defensive technologies
- Strong written and verbal communication skills
- Experience in security incident response and investigation
- Experience in managing cloud security perimeter
- Knowledge of MITRE ATT&CK (preferred)
- Familiarity with PCI DSS and ISO 27001 compliance (preferred)
- Relevant certifications such as GCIH or GMON (preferred)
- Programming experience in golang or python (preferred)
- Certified Offensive Security Professional (OSCP) (preferred)
