The Security Engineer is responsible for designing, implementing and operating security systems within Gojek’s IT Enterprise infrastructure focusing on the architecture, engineering and operations of the Enterprise Security program. This position requires an experienced engineer who has good working knowledge in security technology solutioning, cybersecurity best practices and processes, and stakeholder management in a medium or large enterprise environment.
Acquire an understanding of a company’s IT and product and engineering environments and information systemsContribute to the enterprise-wide Security Engineering and Architecture program analyzing the current policies and capabilities to proactively identify and propose enhancements to the programProvide expertise in tech solutioning in the security stack to address the current and latest cybersecurity threats, and manage the solution, from proof of concept to implementation and operationalization into steady-stateGive input to the direction and strategy for technology solutioning security stack following the best practices of Identification, Protection, Detection, Response and Recover (IPDRR), including the non-exhaustive list of anti-virus, IDS/IPS, SIEM, EDR, SOAR and isolation technologiesProvide guidance on architectural improvements and guidance which supports developers, engineers and analystsKeeps current with security market trends and solutions, developing technical standards and guidelinesCollaborates with application and infrastructure owners to define integration initiatives encompassing all externally and internally-facing applications and systemsIdentify gaps in existing security architecture and recommend changes or enhancements
Minimum of 5+ years of professional experience in IT and information securityProficient in reading, writing and speaking EnglishExperience and hands-on working knowledge with security controls and tools across security domain, including (but not limited to) AV, SIEM, SOAR, DLP, IAM, PIM/PAM, MDM and overall security architecture, engineering and operationsExperience in developing comprehensive architectural solutions with varying complexityStrong understanding of both cybersecurity and network/systems infrastructureExperience in security review from a technical perspective
Experience in implementing and operating security technologiesKnowledge of endpoint protection technology and data loss protection strategiesAptitude to exercise sound technical, interpersonal and organizational judgment Be able to work as part of a wider information security analytics team to improve the global security posture of GojekBe able to contribute to enhancing the security of communication channels at Gojek to reduce the risk and impact of data loss across the enterpriseOverall knowledge of the business applications and user experience (applications, desktops, mobile devices, etc)Excellent knowledge in cybersecurity landscape and trendsGood understanding of Enterprise cloud solutionsStrong analytical and problem-solving skillsStrong communication skills with minimal supervision neededTeam player and experience in collaborating with internal teams across multidisciplinary functions