Full Job DescriptionAbout the Role
Strap on your helmet and climb on board if you’re ready to be our next Product Security Intern. You will be part of a journey making path-breaking outcomes that will influence not only your aspirations to lead a career within Information Security but also make an impact on the mission of Gojek. We value an open culture, like mindedness & appreciate people from varied security backgrounds and hence we are most willing to work with folks better than us.
What You Will Do
Participate in the development of a small to medium complexity security project, process, or initiative within their technical focus area (cloud security, identity access management, vulnerability management, penetration testing, automation, test/abuse case research etc)
Assist Product security teams to review their design/architecture, perform risk assessments, and provide suitable control recommendations as appropriate
Assist the team to build, test, document, and roll out proactive security controls organization-wide
Build reports/dashboards around to capture and present the progress on OKRs and KPIs to stakeholders.
Create and update knowledge base and documentation related to the product security processes and projects
Identify additional areas of opportunity and means for knowledge sharing practices across teams.
Codify the learnings into reusable knowledge snippets/artifacts besides curating the same for continual consumption
What You Will Need
Should be available for the next 6 months for a full time internship
Good knowledge about Linux and basic knowledge of various tools that we use, like Burp Suite, OWASP Zap, nmap etc.
Should have the attitude for solving problems from scratch and the passion to work with a transparent and open minded team
Good knowledge of cloud and containers, specifically GCP and Docker
Should have contributed to open source repos and have participated, presented or led/leading Security Groups, or conferences
We prefer hackers who create their own tools rather than just using other’s tools
About the Team
Gojek’s Information Security team is a group of 70+ security experts based primarily out of Bengaluru, Singapore, and Indonesia. The Product Security team, a sub-pod of the InfoSec team at Gojek, helps ensure that all applications, products, services, and platforms are being developed with adequate control measures to avoid security breaches, fraud, or abuse. To achieve this, we closely work with our product engineers and build secure software deployed within our cloud infrastructure. Additionally, we run the Gojek bug bounty programs and provide product security incident response capabilities.
Our mission is to enable Gojek engineering teams to build secure software while providing them the appropriate security context to make decisions and ultimately make Gojek the most trusted and safest platform to transact, eat, travel, and have fun
As a team, we are concerned with the growth and safety of the company, and each other’s personal growth and well being too. With WFH becoming more normalized, you best believe we have been sharing our favorite ways to prioritize a healthy work-life balance at home. Along with our desire to utilize smart technology and innovative engineering strategies to make people’s lives easier, our team also bonds over our shared love for tea, and the latest movies & TV shows.
About Us
Gojek is a Super App. It’s one app for ordering food, commuting, digital payments, shopping, hyper-local delivery, and dozen other products. It is Indonesia’s first and only decacorn. It’s also the only Southeast Asian startup to be part of Fortune’s list of ‘Companies That Changed The World.’
Our Mission: To create and scale positive socio-economic impact for our customers, driver-partners, business and MSMEs.
As of 2018, Gojek processed more than $9 billion annualised gross transaction value across all markets where it operates – in Singapore, Thailand, Vietnam and Indonesia. We have the largest food delivery product in Asia, (outside of China), and the largest payments wallet in Southeast Asia.
Our investors include Google, Facebook, PayPal, Sequoia Capital, Tencent Holdings among others.
Gojek is committed to building a diverse and inclusive workplace and is an equal opportunity employer. We do not discriminate on the basis of race, religion, national origin, gender, gender identity, sexual orientation, disability, age, education status, or any other legally protected status.