CÁC PHÚC LỢI DÀNH CHO BẠN
MÔ TẢ CÔNG VIỆC
Your responsibilies will be included but not limited to:
– Execute Penetration Testing, Vulnerability and Security Assessment on Traveloka Systems;
– Give solutions or mitigation for found vulnerabilities on Traveloka Systems;
– Perform Exploit analysis & Create custom exploit;
– Perform security reviews of application designs, Business Process Designs and deployments as required;
– Influence stakeholders and managements to prioritize and execute remediation plans;
– Conduct data breach and security incident investigations;
– Help GRC Team in delivering security awareness to Traveloka Employees and Customers in Local Country Office.
– International red team will directly report to Head of information security for technical task and daily security task;
– For administrative and daily office activities will be under supervision of Country manager, remind that some of the task will be considered as classified task and confidential data management;
– All information that is related with task and assignment should be shared ONLY with Head of information security and Country manager under acknowledgement of VP International.
You will work with high-caliber individuals including graduate of Ivy League universities, top-tier consulting companies, big 4 audit firms and multinational companies. Be a pioneer and challenge your capability in setting up new business processes for a Southeast Asia’s premier technology company!
– Traveloka is a bleeding edge technology company, which using various technology for web and mobile platform technology that made a big challenge for information security skill set widely open;
– Traveloka in a process to growth globally and for sure there will be a lot of challenging things, handle various kind of attack vector, various cyber crime technique, brings security awareness among employee to prepare for external threat;
– Working environment in Traveloka: young, energetic and fully support for everyone who has passion to learn something new, including in information security fields.
YÊU CẦU CÔNG VIỆC
– Familiar with Hacking Tools (Backtrack / Kali Linux);
– High proficiency in automated and manual techniques for penetration testing, especially on testing web application security;
– Understand web application security vulnerability , concept and technically, at minimum requirement , having depth understanding with all vulnerability that was listed on OWASP Top 10 vulnerabilities;
– Familiar with Security Testing methodology such as OWASP, PTES, OSSTMM etc.;
– Able to perform security threat analysis and threat modeling;
– Able to give solutions or mitigation of found vulnerabilities;
– Able to perform manual validation of vulnerabilities.