We are in search of a highly skilled and seasoned Security Engineer, specializing in blue team operations, to become a vital part of our dynamic cybersecurity team. In this role, as a Security Engineer, you will take on the critical responsibility of safeguarding our digital environments by proactively countering cyber threats.
Your primary duties will encompass the preservation of security for Flip's application, infrastructure, network, and data. You will play a pivotal role in elevating our organization's cybersecurity stance. Success in this role hinges on your proactive approach and unwavering commitment to staying ahead of emerging threats and vulnerabilities.
Rafi, Luqman, and Anjar, who were college friends in Universitas Indonesia, started Flip as a project in 2015 to transfer payments to each other at a fraction of what banks would charge them. They are pioneers in the Indonesian market, with their technology now helping millions of Indonesians, both individuals and businesses, carry out bank-to-bank money transfers through a reliable and seamless app.
After seven years of operations, Flip has helped Indonesians transfer money worth several trillions of rupiah and has received double-digit funding from respectable investors such as Sequoia India, Insight Partner, and Insignia. Flip’s ultimate mission is to give Indonesians access to one of the most progressive and fairest financial services in the world.
At Flip, we always strive to provide the fairest place for you to work, learn, and grow with talented and fun people in various opportunities to advance your career and get fair rewards. We believe that we have to treat employees, customers, and all stakeholders fairly and respectfully. Fair treatment for employees means we establish clear goals, facilitate our employees to achieve them, and value their contribution to the company with equitable benefits.
Conduct intelligence and threat-driven security assessments of critical systems, major applications, and networks to pinpoint security vulnerabilities, subsequently communicating the potential implications of these vulnerabilities to system/service owners.
Conducts impartial and thorough assessments, yielding actionable security recommendations customized to the specific environment under evaluation.
Responsible for identifying and validating security vulnerabilities, conducting network mapping and analysis, performing vulnerability assessments, conducting penetration testing on network filters and security countermeasures, proactively seeking threats, responding to incidents, and conducting forensic analysis.
Ensure that security policies and procedures are up to date and aligned with industry standards and regulations. Assist in compliance audits and remediation efforts.
Lead and coordinate incident response efforts when security incidents occur, ensuring swift detection, containment, and eradication of threats.
Collaborate with the security team and other stakeholders to review and improve our organization's security architecture, ensuring it aligns with industry standards and best practices.
Evaluate and recommend new cybersecurity tools, methodologies, and automation techniques to streamline security assessment processes and enhance efficiency.
Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
Relevant certifications such as OSCP, OSCE, GPEN, or GXPN are highly desirable.
Demonstrated success and a comprehensive understanding of widely recognized frameworks, such as ISO/IEC 27001, COBIT, and PCI-DSS.
Expertise in using various security testing tools and frameworks (e.g., Metasploit, Burp Suite, Kali, Metasploit Core Impact etc.) and manual techniques to conduct thorough security assessments.
Proficiency in programming and scripting languages (e.g. Python, Go, Shell Script) to develop custom tools and automation scripts is desirable.
Strong understanding of network protocols, operating systems, and common security technologies (SIEM, XDR/EDR, firewalls, IDS/IPS, WAFs, etc.).
In-depth knowledge of cybersecurity principles, attack vectors, and defense strategies. Familiarity with threat intelligence and risk assessment methodologies, OWASP, Cloud Security best practices.
Excellent analytical and problem-solving abilities, with a proactive approach to identifying and mitigating security risks.
Effective verbal and written communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
Demonstrated ability to work collaboratively in a team environment, sharing knowledge, and supporting collective goals.
Join our team as a Security Engineer (Blue Team) and contribute to safeguarding our organization against the ever-evolving cybersecurity landscape. Apply your expertise to help us maintain a robust and resilient security posture.