- Participate in the development of a small to medium complexity security project, process, or initiative within their technical focus area (cloud security, identity access management, vulnerability management, penetration testing, automation, test/abuse case research, QA)
- Work with security engineering teams to review their design/architecture, perform risk assessments, and provide suitable control recommendations as appropriate
- Build, test, document, and roll out proactive security controls organization-wide
- Build reports/dashboards around to capture and present the progress on OKRs and KPIs to stakeholders
- Identify additional areas of opportunity and means for knowledge sharing practices across teams
- Codify the learnings into reusable knowledge snippets/artifacts besides curating the same for continual consumption
- Involve and review implementation certification ISO27001
- Responsibility in Bug Bounty Program
- 2+ years information security field or relevant experience
- Strong expertise with cloud environments : AWS
- Proficient in one or more language like node.js or vue.js.
- Knowledge and experience in OWASP guideline
- Bachelor’s Degree in Information Technology, Computer Science, Computer Engineering, Information Systems, or relevant technical field experience in security domain
- Knowledge of different layers of security such as Cloud Security, Network Security, Application Security, Data Security, and Compliance
- Some hands-on experience in the security areas of penetration testing mobile applications or websites
- Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, - Vulnerability Scanning, Security and Monitoring tools, etc.
- Awareness of critical concepts in DevSecOps and Agile principles
- Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines
- Leadership and Teaming skills to coordinate remediation of vulnerabilities within established timeframes
- Contribution to bug bounty programs, hacktivist fests, capture the flag challenges. Open source and GitHub profile would be a plus
- Has Certified Protection Professional (CPP) is plus point
Andalin is committed to making international business easier, more accessible, and trustworthy by connecting all of our services in our ecosystem. Whether you need a freight forwarding service, insurance, customs, etc we got you covered.Our high-quality service, expertise, and cutting-edge technology are the reasons why we’re trusted by hundreds of companies in Indonesia.Whatever your international business needs, Andalin's full range of services can help your business to grow without border.Andalin Without Border!
Kalibrr