**About the Role**
If you're looking to be a part of a dynamic, highly-analytical team and an opportunity to dive deep into projects surrounding information security, look no further.
As our Team6 Specialist (Offensive Security) for GoTo Financial, you'll take the wheel in ensure product security for Gojek.
Along with Perform a thorough documentation on how vulnerabilities were exploited, you will be in charge of assist in identifying, tracing and neutralizing the active threats.
Working closely with Blue Team, you will get to manage unique security incidents.
The cherry on top: you'll get to be a part of a team that works to create project with higher degree security assessments.
**What Will You Do**:
Dedicatedly assist in identifying, tracing and neutralizing the active threats
- Perform a thorough documentation on how vulnerabilities were exploited and what changes should be made to prevent that from being exploited again
- Assist/participate in presenting the findings to multiple stakeholders involved in the study and/or incidents
- Proactively identify (and attempt to exploit) multiple vulnerabilities that are affecting the system and data security of our business
- Obtain a realistic understanding of the risks that our business can face including training used to prepare employees for cyber incidents
- Ensure that you upkeep required training regimens within Team6 and across the rest of the Red Team members
- Conducting regular purple teaming exercises together with the Blue Team
**What Will You Need**:
- At least 3 years of experience in ethical hacking (active exploitation), manual penetration testing and/or red teamer operations covering at least two of the following domains: infrastructure, operating systems, web app, mobile app, software bug testing
- A decent level of code/programming experience (e.g.
: write/modify exploit codes, trace and debugging traditional/OOP/API style programming)A strong hacker mindset including social engineering, logical and creative thinking (outside of the box) and unconventional thought processes when playing the devil advocates
- Strong dedication and desire to understand how things work, on a very deep level
- Experience with the red teaming aspect of technical writing documentation of the findings to multiple levels of stakeholders (from engineering to executive)Prior experience in designing and/or conducting technical training
- Hands-on experience in at least two of the following domains: Infrastructure Hardening (Cloud & On-Premise), Vulnerability Research, Social Engineering, Reverse Engineering, Active Exploitation, Exploit Development, DevSecOps (incl.
CI/CD)Having professional certification(s) related to red-teaming such as GIAC (GPEN, GCPN, GWAPT, GMOB, GXPN) or Offensive Security (OSCP, OSEP, OSWA/E, OSED/OSMR) is bonus point
**About the Team**
Offensive Security Team is a sub-pod of the GoTo Financial Security, based in Singapore.
The Offensive Security Charter: To help hedge against surprise, particularly catastrophic surprises - by not only playing the adversary, but also devil's advocate and related roles.
The team challenge complacency or unthoughtfulness in security-by-design principles and discover weaknesses before real adversaries do.
Team6 is a subset (special tactical force) of GoTo Financial's Offensive Security Team which not only delivered regular operations as red teamers, but is also a highly trained quick-reaction's squad to be deployed in challenging and/or unique security incidents, special situations and/or projects in which a higher degree of security assessments from the adversaries' attack point of view is required.
**About Us**
Gojek is a Super App.
It's one app for ordering food, commuting, digital payments, shopping, hyper-local delivery, and dozen other products.
It is Indonesia's first and only decacorn.
It's also the only Southeast Asian startup to be part of Fortune's list of 'Companies That Changed The World.'
**Our Mission**: To create and scale positive socio-economic impact for our customers, driver-partners, business and MSMEs.
As of 2021, Gojek processed more than $9 billion annualised gross transaction value across all markets where it operates - in Singapore, Thailand, Vietnam and Indonesia.
We have the largest food delivery product in Asia, (outside of China), and the largest payments wallet in Southeast Asia.
Our investors include Google, Facebook, PayPal, Sequoia Capital, Tencent Holdings among others.
- Gojek is committed to building a diverse and inclusive workplace and is an equal opportunity employer.
We do not discriminate on the basis of race, religion, national origin, gender, gender identity, sexual orientation, disability, age, education status, or any other legally protected status._