- Perform regular penetration testing to tiket.com systems (applications and infrastructure).
- Develop and continuously improve current application security automation.
- Design, plan, develop, and deploy Security Orchestration, Automation, and Response.
- Analyze security events and logs.
- Support for incident response investigations.
- Create daily and monthly reports.
- Perform regular security code review.
- Perform regular sharing sessions to internal and external.
- Participate in PCI DSS and ISO 27001 audit.
- Coach and mentor less experienced team members.
- Minimum 4 years experience in Information Security
- Experienced in penetration testing (web application/ infrastructure/ mobile application)
- Experienced in scripting and programming (Java/ Python/ Golang)
- Experienced with risk scoring (OWASP Risk Rating, CVSS)
- Experience using security defense technologies (such as SIEM, SOAR, Firewall, etc)
- Experienced working with SQL languages (such as PostgreSQL, MySQL, etc)
- Familiar with MITRE ATT&CK Framework
- Experienced in security incident and investigation
- Experienced with open source technologies
- Experienced using versioning control
- Experienced with CI/CD pipelines, including SAST and DAST using proper technology
- Experienced in PCI DSS and ISO 27001 implementation
- Good in written, verbal communication and presentation skills
- Desired Certifications: OSCP/ OSWE/ CREST Registered Penetration Tester/ GCIH/ GMON/ CSSLP
Do you want to use your google account?