Job Description
We're looking for a hands-on security doer — someone who scopes, executes, and evaluates security tests end-to-end, both manually and through automation. You will operate across Red, Blue, and Defense functions under the CISO.
Ideal profile
Self-driven, thinks like an attacker, communicates like a consultant. Comfortable owning security engagements independently while thriving in a collaborative Red+Blue team dynamic within a regulated financial institution.
Responsibilities:
- Execute penetration tests — network, web/mobile apps, APIs, cloud, AD — manually and via automated tooling
- Run vulnerability assessments and adversary simulations (MITRE ATT&CK / TIBER-ID aligned)
- Validate and tune defensive controls — SIEM, EDR, WAF, IDS/IPS — in collaboration with Blue Team
- Produce clear pentest reports: risk-rated findings with actionable remediation for both tech and exec audiences
Ready to Apply?
Take the next step in your AI career. Submit your application to OCBC Indonesia today.
Submit Application