Traveloka Off Campus Drive 2024 | Security Engineer

About Traveloka Off Campus Drive 2024

We don’t innovate for the sake of innovation, we utilize technology to simplify people’s lives so they can enjoy their lives better. That belief is what brought Traveloka to be the leading travel platform in Southeast Asia. Traveloka serves 20+ products that include comprehensive travel services. From transportations to accommodations, discovering nearby attractions, and insurance products to financial services, including the groundbreaking ‘Buy Now Pay Later’.

Traveloka Off Campus Drive 2024 Details

Job Description For Traveloka Off Campus Drive 2024

Product Security Engineer at Traveloka will be required to ensure that our products and services are shipped with high security standards through application security testing, hardening, and secure framework. A Product Security Engineer will be smart and self starter. The person needs to find unique ways to understand complex software architecture and should be able to perform manual security code review. They need to be able to integrate security in the software development process with defense-in-depth strategies such as automated testing in CI/CD pipeline. A Product Security Engineer preferably needs to have a software development background and should have practical programming knowledge.

They will work very closely with our Software Engineering Team to implement Secure SDLC in Traveloka. They will also need to have proficiency in handling multiple projects based on different frameworks and groups.

Responsibilities

• Carry out manual and automated review of source code to identify security vulnerabilities and risks
• Implement automated security testing tools (SAST, DAST, IAST) and their deployment within continuous integration systems
• Implement hardening and secure framework such as RASP, WAF, safe library, and security decorator functions
• Perform vulnerability assessment & penetration testing on web API, front-end service, internal RPC, and mobile application
• Attend design reviews and actively lead the discussions from a security standpoint
• Analyze possible security incident related to application security such as payment abuse or sensitive data exposure via web API
• Ensure that product security requirements are identified early on and are being baked into all projects
• Provide effective recommendations or patches to mitigate security vulnerabilities 
• Develop in-house tools to integrate with SDLC and to track and derive security metrics

Skills & Experience

• Academic background in Computer Science or equivalent
• Relevant professional experience or extensive experience in security activities (e.g. CTF, bug bounty, security research, publications, blog)
• Practical knowledge of modern software development such as microservices, application containerization, REST architecture, object oriented programming, stateless/stateful authentication, and cloud platform
• Working knowledge of one or more of these programming languages: Java, JavaScript, Kotlin, C#, Objective-C, Swift
• Experience in security code review, vulnerability assessment, and penetration testing.
• Knowledge of common vulnerabilities such as OWASP Top 10 and CWE including business logic issue (e.g. IDOR)
• Core skill set in two or more of the following areas:
  • JavaScript framework (e.g. React)
  • Java framework (e.g. Spring)
  • Android / iOS platform
  • DevOps
  • AWS
  • Automation tool development
  • Dynamic debugging
  • Unit testing
  • Algorithm & data structure

Traveloka Off Campus Drive 2024 Application Process

DOUBLE CLICK TO APPLY ONLINE !

We wish you the best of luck in your Traveloka Off Campus Drive 2024. May your talents shine, and may you find the perfect opportunity that not only meets your professional goals but also brings joy to your everyday work.