Security Engineer - DevSecOps

It's fun to work in a company where people truly BELIEVE in what they're doing!

‎ 

‎ 

Job Description

The Security Engineer - DevSecOps role is central to building secure, resilient systems within Traveloka's technical infrastructure. This position focuses on integrating security practices within the development, deployment, and operational environments, emphasizing a strong foundation in reliability, infrastructure, and automation. As part of the Information Security team, you will collaborate with engineering and infrastructure teams to uphold security standards, ensuring robust practices across the organization.

You'll work closely with cross-functional teams and collaborate with peers from diverse backgrounds in technology, consulting, product management, and academia. The environment fosters openness, encouraging everyone to contribute ideas, influence team directions, and continuously grow. This role provides exposure to a startup-like experience as we expand throughout Southeast Asia and develop new products. While prior DevSecOps experience is beneficial, mentorship and training by senior security leads will be provided.

Security or DevSecOps experience is nice to have but not needed as you will be mentored and trained by senior security leads.

Responsibilities

• Design, build, improve, and maintain automated infrastructure-as-code (IaC) solutions using Terraform, focusing on reliability, scalability, and security within deployment pipelines.
• Maintained the security scanning pipeline, including static and dynamic analysis and dependency checks.
• Collaborate with central infrastructure teams to design and implement standardized reliability and security practices organization-wide.
• Assist in vulnerability patching or improve security within infrastructure and services, collaborating with engineering teams as needed.

‎ 

Requirements

Must Have

• Strong desire for continuous learning and growth.
• Ability to work both independently and collaboratively with remote peers.
• Familiarity with cloud infrastructure and CI/CD practices.
• Familiarity with Terraform, AWS, and GCP for infrastructure automation.
• Experience with observability, monitoring, and automation tools.
• Strong written and verbal English communication skills.

Nice to Have

• Experience in reliability or security roles, such as security engineer, infrastructure engineer, DevSecOps engineer, or a similar position.
• Active involvement in infrastructure or security communities, conferences, or open-source contributions.
• Experience with dependency management tools, CVE analysis, and software bill of materials.
• Knowledge of automated testing methodologies, including static, dynamic, and runtime.
• Experience in software development, infrastructure management, or coding.
• Experience creating reusable libraries or components for software or infrastructure development (Java/JavaScript preferred).
   

‎ 

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!