Mid Security Engineer (Offensive)

We think you also hate when travel app is giving you a headache, right? A slight misinformation can ruin the trip.That is exactly what we are tackling as t-fam! Making sure that our 50+ million users have the best experience in crafting their own adventure.

Your main duties in flying with us:

• Security Analysis and Incident Response:
• Investigate and respond to security incidents, ensuring timely and effective resolution.
• Conduct thorough security log analysis to identify vulnerabilities and potential threats.
• Perform risk scoring based on OWASP Risk Rating and/or CVSS.
• Defensive Technologies:
• Utilize and manage security defensive technologies such as SIEM, WAF, and Bot Management tools.
• Implement and maintain security measures to protect the organization's assets.
• Programming and Technical Skills:
• Apply programming skills to develop and implement security solutions (automation)
• Conduct regular code reviews to ensure security best practices are followed.
• Communication and Presentation:
• Prepare detailed reports on security assessments, incidents, and mitigation strategies.
• Deliver clear and concise presentations to stakeholders on security findings and recommendations.

Mandatory belongings that you must prepare:

• Minimum of 3+ years of experience in the field of cybersecurity (defensive).
• Proven experience in programming and security vulnerability management.
• Ability to perform risk scoring and assessments using OWASP Risk Rating and/or CVSS.
• Hands-on experience with security defensive technologies.
• Strong written and verbal communication and presentation skills.
• Demonstrated experience in security incident response and investigation
• Hands-on experience on managing cloud security perimeter
• Nice to Have:
• Experience with techniques, tactics, and mitigation strategies as outlined by MITRE ATT&CK.
• Familiarity with fulfilling PCI DSS and ISO 27001 compliance requirements.
• Relevant certifications such as GCIH or GMON.
• Have working knowledge of programming / scripting experience such as golang or python.
• Certified Offensive Security Professional (OSCP) 

In the event that you haven’t received any updates after 3 weeks, your data will be kept and we may contact you for another career destination. Meanwhile, discover more about tiket.com on Instagram, LinkedIn, or YouTube.