Application Security Specialist Penetration Testing & Secure SDLC
PT Tiga Daya Digital Indonesia (Eksad Technology)
Lokasi
Jakarta Selatan, DKI Jakarta
Tipe kerja
On-site
Gaji
Negotiable
Deskripsi pekerjaan
- Collaborate with developers, architects, and product teams to embed security across the SDLC (Secure Software Development Life Cycle).
- Conduct security design and architecture reviews for new systems, applications, and changes to existing systems.
- Analyze and provide security recommendations for APIs, particularly those involving third-party integrations and critical business services.
- Create actionable reports and communicate findings clearly to technical and non-technical stakeholders.
- Act as an internal “red team” resource — capable of rapidly assessing potential security concerns during development or deployment.
- Support secure coding initiatives through developer engagement, code review participation, and knowledge-sharing
- Stay up-to-date with evolving threats, tools, and best practices in application security and ethical hacking.
Kualifikasi
- - Perform internal penetration testing on web applications, mobile apps, APIs, and internal tools — especially those requiring regulatory approval or high-risk exposure.
- - Collaborate with developers, architects, and product teams to embed security across the SDLC (Secure Software Development Life Cycle).
- - Conduct security design and architecture reviews for new systems, applications, and changes to existing systems.
- - Analyze and provide security recommendations for APIs, particularly those involving third-party integrations and critical business services.
- - Create actionable reports and communicate findings clearly to technical and non-technical stakeholders.
- - Act as an internal “red team” resource — capable of rapidly assessing potential security concerns during development or deployment.
- - Support secure coding initiatives through developer engagement, code review participation, and knowledge-sharing
- - Stay up-to-date with evolving threats, tools, and best practices in application security and ethical hacking.
Nice to Have
- - OSCP, GPEN, GWAPT, or other offensive security certifications.
- - Experience working in financial institutions or regulated environments.
- - Exposure to cloud-native security concerns (e.g., AWS/GCP/Azure application security).
- - Familiarity with security testing of mobile apps (Android/iOS).
Persyaratan
Pendidikan: 550
Pengalaman: 200