Offensive Security Engineer

2 weeks ago


Singapore Local Office Traveloka Full time $120,000 - $180,000 per year

It's fun to work in a company where people truly BELIEVE in what they're doing

‎ 

‎ 

Job Description

Securing an organization and its information systems requires a holistic approach that includes continuous security verification, extending beyond standard testing and assessment methods. By assuming the role of a threat actor, the Offensive Security Team delivers valuable findings and insights with practical impact, which must be prioritized. Utilizing an offensive or attacker's mindset, the team continuously reviews everything within the organization—including applications, infrastructure, and business processes—to identify potential loopholes that could be exploited by a real attacker to compromise the organization.

As an Offensive Security team member at Traveloka, your daily tasks encompass

penetration testing, adversarial emulation exercises, threat intelligence, maintaining offensive threat models, developing offensive security tools, reviewing bug bounty reports, and hunting vulnerabilities based on commonalities, internal trends, and latest threats. Your coverage area is comprehensive, assessing the organization from an attacker's perspective. We are seeking a candidate with robust cybersecurity technical expertise and solid understanding about cyber intrusion in an organization. This role is crucial for ensuring we stay abreast of the latest threats and are capable of identifying unique and complex challenges specific to Traveloka.

  • Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security
  • Execute penetration testing projects using the established methodology, tools and rules of engagements.
  • Execute red team assessments to highlight gaps impacting organizations security postures.
  • Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
  • Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations.

‎ 

Requirements

  • Proven track record of highly technical cybersecurity expertise such as CTF (Capture the Flag), bug bounty, publication, blog, open source security tool contribution, speaking engagement, or Offensive Security certification.
  • Fluent in programming with any language and shell scripting.
  • Experience in Windows security, Unix security, network security, and web application security is a must.
  • Experienced in cloud computing like AWS and GCP is a plus.
  • Experienced in red or purple team exercise is a plus.
  • Able to practically demonstrate various security vulnerabilities, exploits, and attacks in web applications, computer infrastructure, and personal computers.
  • Understand about cybersecurity threats related to travel and tech industries.
  • Excellent written and verbal communication skills
  • Dedication to cybersecurity alongside a strong commitment to continuous learning about new technologies

‎ 

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us



  • Singapore Traveloka Full time

    Overview It\'s fun to work in a company where people truly BELIEVE in what they\'re doing! Securing an organization and its information systems requires a holistic approach that includes continuous security verification, extending beyond standard testing and assessment methods. By assuming the role of a threat actor, the Offensive Security Team delivers...


  • Singapore PAYPAL PTE. LTD. Full time

    **Job Description Summary**: This offensive security engineer will lead and execute security engagements that combine both red team and purple team methodologies. Your role will involve designing and executing sophisticated cyberattacks, simulating advanced persistent threats and collaborating closely with the defense (blue) teams to improve detection,...


  • Singapore Shopee Full time

    Offensive Security Engineer (Red Team) - Information Security Join to apply for the Offensive Security Engineer (Red Team) - Information Security role at Shopee . Job Responsibilities Design and perform APT adversary emulation to assess infrastructure, systems, and applications against confidentiality, integrity, authentication, availability, authorization,...


  • Singapore watchTowr Full time

    Overview watchTowr is the Preemptive Exposure Management capability trusted by Fortune 500 companies and critical infrastructure providers. By combining proactive threat intelligence, real attacker telemetry, and automated red teaming, watchTowr continuously identifies and validates real exposure - so security teams can outrun real-world threats. When...


  • Singapore Marina Bay Sands Pte Ltd Full time

    Senior Cyber Threat Analyst (Offensive Security, Threat Hunting & Incident Response)LOVE WHAT YOU DO? THERE IS A PLACE FOR YOU HERE!Be part of our diverse and inclusive team. Job Responsibilities Adversarial Simulation: Perform comprehensive analyses and simulations to mimic cyber threats and identify vulnerabilities. Execute intel-led security testing and...


  • Singapore SEKURO OPERATIONS PTE. LTD. Full time $120,000 - $200,000 per year

    Head of OffsecSekuro is a trusted provider of information security consulting services. We are currently recruiting a smart, experienced and motivated security professional to join manage our Technical Assurance OFFSEC team and engagements in Asia. The role involves working with mid-market to enterprise level clients. The successful candidate will have a lot...


  • Singapore Assurity Trusted Solutions Full time

    Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a...


  • Singapore Assurity Trusted Solutions Pte Ltd Full time

    Senior / Lead Offensive Cybersecurity Engineer (VAPT)Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and...


  • Singapore Assurity Trusted Solutions Full time $80,000 - $240,000 per year

    Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a...


  • Singapore JPMorganChase Full time

    Join one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the financial industry. **Job responsibilities** - Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs - Defines the technical target state of their...