Security Engineer - Product Security Job in PAN India at traveloka

Traveloka is hiring for the role of Security Engineer - Product Security!

Responsibilities of the Candidate:

• Carry out manual and automated review of source code to identify security vulnerabilities and risks
• Implement automated security testing tools (SAST, DAST, IAST) and their deployment within continuous integration systems
• Implement hardening and secure framework such as RASP, WAF, safe library, and security decorator functions
• Perform vulnerability assessment & penetration testing on web API, front-end service, internal RPC, and mobile application
• Attend design reviews and actively lead the discussions from a security standpoint
• Analyze possible security incident related to application security such as payment abuse or sensitive data exposure via web API
• Ensure that product security requirements are identified early on and are being baked into all projects
• Provide effective recommendations or patches to mitigate security vulnerabilities 
• Develop in-house tools to integrate with SDLC and to track and derive security metrics

Requirements:

• Academic background in Computer Science or equivalent
• Relevant professional experience or extensive experience in security activities (e.g. CTF, bug bounty, security research, publications, blog)
• Practical knowledge of modern software development such as microservices, application containerization, REST architecture, object oriented programming, stateless/stateful authentication, and cloud platform
• Working knowledge of one or more of these programming languages: Java, JavaScript, Kotlin, C#, Objective-C, Swift
• Experience in security code review, vulnerability assessment, and penetration testing.
• Knowledge of common vulnerabilities such as OWASP Top 10 and CWE including business logic issue (e.g. IDOR)