To elevate Ajaib's security posture to global financial standards by building a high-velocity Paved Road. You will move away from being a siloed security auditor to becoming an enabler who builds the automated infrastructure that makes the secure path the easiest path for developers.
Responsibilities
- Building the Paved Road (Platform Layer)
- Continuous Scanning: Integrate SAST, DAST, and SCA (Software Composition Analysis) into CI/CD pipelines (GitHub Actions) to provide instant feedback to developers
- Security-as-Code: Automate security gates in the deployment pipeline to block high/critical severity findings from reaching production
- Tooling Ownership: Manage and maximize the value of the current security stack, including SonarQube, Cloudflare [WAF] and Cloud Automation
- Infrastructure-as-Code (IaC): Build IaC guardrails with automated drift detection to ensure cloud infrastructure (GCP/AWS) remains resilient
- Delivery & Cultural Leadership
- Security Champions: Identify and support embedded Security Champions in every squad, ensuring threat modeling occurs during the design phase rather than right before launch
- Vulnerability Management: Transition from manual tracking to a prioritized Jira backlog, partnering with developers to verify root causes and remediation
- Security Culture: Run developer awareness sessions and secure code workshops to foster a you build it, you run it, you secure it mindset
- Fintech & API Security
- API Assessment: Test payment APIs, transaction flows, and KYC/AML pipelines for fintech-specific attack vectors like BOLA (Broken Object Level Authorization) and mass assignment
- Compliance Support: Ensure technical execution meets Governance Layer standards for Zero Trust and corporate identity anchoring
Requirements
- AppSec Fundamentals: Deep understanding of OWASP Top 10, CWE, and secure SDLC principles
- Automated Tooling: Proficiency in SAST/DAST/SCA tools such as Semgrep, Snyk, Burp Suite Professional, and SonarQube
- Cloud & CI/CD: Practical experience with GCP/AWS IAM, secrets management, and embedding security into GitHub Actions
- Threat Modeling: Ability to conduct threat models using STRIDE or PASTA during the design phase
- Scripting: Proficiency in Python or Bash for scan automation and custom security checks
- Identity & Access: Experience with JumpCloud or Google Workspace for identity anchoring and automated lifecycle management
- Crypto Exposure: Understanding of wallet security, smart contract audit basics, or DeFi risk awareness
- Fintech Security: Awareness of PCI-DSS standards and payment gateway security
Benefits
Join us as we make magic happen to increase Indonesia's financial inclusion!
