Application Security Engineer

Who We Are:

Virgo is a digital money with a mission to create financial inclusion for all. Virgo sets you free from the complexity of managing your finances and helps you to reach your financial goals through a reliable and secure system.

People at Virgo, called Spica, embrace dreaming big with small steps. We value humility, open collaboration, and integrity and believe that by working together in harmony, we can reach the same goal to better serve our users.

Join us in our mission to reimagine the financial industry in Indonesia.

What you’ll do:

  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
  • Develop scripts, tools, or methodologies to enhance red teaming processes
  • Assist developers and other tech members in the finding remediations
  • Review solution design, recommend security measures and controls that will keep Virgo Tech environments secure.
  • Create daily and monthly reports,
  • Support compliance team to monitor standards and control
  • Work with distributed teams to achieve security goals
  • Maintain security controls and advocate for best practices

What you’ll need:

  • Minimum 2 years experience in experience as a Pen-Tester – focused on Offensive Security / Red Team activities
  • Hands-on experience with web application penetration testing and infrastructure penetration testing.
  • Practical knowledge of the OWASP Testing Guide, e.g. XSS, CSRF, Session Hijacking.
  • Experienced in scripting languages, e.g. Java,  Python, Golang.
  • Experienced working with SQL languages (such as PostgreSQL, MySQL, etc),
  • Basic understanding of CI/CD pipelines.
  • It will be an advantage if you have professional offensive security certifications including OSCP/ OSWE/ CREST Registered Penetration Tester/ GCIH/ GMON/ CSSLP.
Job Category: Tech
Job Type: Full Time
Job Location: South Jakarta
Job Level: Mid Level