About the Role The Security Architecture team is responsible for security products and services used by millions of users every day. The team conducts security design and code reviews on applications (web, mobile) and infrastructures (cloud, on-premise). The team works closely with the Product, Engineering, and Infrastructure teams throughout the Software Development Life Cycle. As Security Engineering Lead, you will lead security initiatives on critical projects. You are required to review large and complex systems, identify security gaps and vulnerabilities, and propose adequate security controls. You are expected to solve difficult security challenges by balancing security and usability.
\n What You Will DoPerform security design on applications (web, mobile) and infrastructures (cloud, on-premise)Perform security code review (manual, automated) on applications and infrastructuresEnsure applications and infrastructures are secure by design, follow secure design principles, and adopt secure coding practicesIdentify security gaps and vulnerabilities, and propose appropriate controls and remediationsPropose solutions to wide-ranging security problemsRaise security awareness among the Product, Engineering, and Infrastructure team by conducting security training, and having regular security discussionsBridge communication between the broader Information Security team with the Product, Engineering, and Infrastructure team What You Will NeedBachelor's degree in Computer Science, or a related fieldMinimum 3 years of experience in Software Engineering, preferably on web and mobile applicationMinimum 3 years of experience in Information Security, preferably in application and cloud securityGood knowledge of common secure design principles and secure coding practicesGood knowledge of common adversarial techniques, tactics, and procedures Ability to learn new things quickly and independentlyAbility to communicate effectively, preferably in English
\nAbout the Team The Security Architecture is primarily responsible for ensuring the security controls are being considered by the Engineering teams right from the beginning of product/application development. This will help in reducing the attack surface and also significantly reduce the cost to mitigate any security issue that got detected during the later stages of application development. The security architecture team members will also get exposure to various technologies being used by the Engineering teams and develop necessary security standards/best practices. This will help the security architecture team members to be updated and relevant with various technologies.
About GoTo Group GoTo Group is the largest digital ecosystem in Indonesia with its mission to "Empower Progress' by offering technological infrastructure and solutions for everyone to access and thrive in the digital economy. The GoTo ecosystem consists of on-demand transportation services, food and grocery delivery, logistics and fulfillment, as well as financial and payment services through the Gojek and GoTo Financial platforms.It is the first platform in Southeast Asia that hosts these crucial cases in a single ecosystem, capturing the majority of Indonesia's vast consumer household.
About Gojek Gojek is Southeast Asia's leading on-demand platform and pioneer of the multi-service ecosystem with over 2.5 million driver partners across the regions offering a wide range of services such as transportation, food delivery, logistics and more. With its mission to create impact at scale, Gojek is committed to resolving consumer problems and raising standards of living by connecting consumers to the best providers of goods and services in the market.
About GoTo Financial GoTo Financial accelerates financial inclusion through its leading financial services and merchants solutions. Its consumer services include GoPay and GoPayLater and serve businesses of all sizes through Midtrans, Moka, GoBiz Plus, GoBiz, and Selly. With its trusted and inclusive ecosystem of products, GoTo Financial is open to new growth opportunities and aims to empower everyone to Make It Happen, Make It Together, Make It Last.
GoTo and its business units, including Gojek and GoToFinancial ("GoTo") only post job opportunities on our official channels on our respective company websites and on LinkedIn. GoTo is not liable for any job postings or job offers that did not originate from us. You should conduct your own due diligence to prevent being victims of any fake job scams, if they did not originate from GoTo's official recruitment channels. #LI-GOTO #LI-Onsite