Security Engineer, Penetration Tester Jakarta, Jakarta, Indonesia

We are looking for amid-level Security Engineer (Penetration Tester) to join our Security team in Jakarta, Indonesia. You will play a key role in strengthening our security posture by performing hands‑on penetration testing, identifying real‑world risks, and working closely with engineering teams to drive remediation. This role is ideal for someone who is technically strong, detail‑oriented, and eager to continuously sharpen their offensive security skills in a collaborative environment.

What You Will Do

Plan and execute penetration tests across networks, systems, and web/mobile applications

Lead or independently handle penetration testing engagements from scoping to reporting

Analyze vulnerabilities, assess risk impact, and produce clear, actionable remediation recommendations

Collaborate with developers, infrastructure, and security teams to address findings throughout the SDLC

Support security incident response activities when required

Continuously research emerging threats, attack techniques, and testing methodologies

Contribute to improving internal penetration testing tools, playbooks, and processes

What We Are Looking For

Bachelor’s degree in Computer Science, Information Security, or a related technical field

Minimum 2 years of hands‑on experience in penetration testing or offensive security roles

Proven experience conducting penetration tests for web and mobile applications

Certification: OSCP or CREST (or equivalent recognized offensive security cert)

Strong proficiency with tools such as Burp Suite, Metasploit, Nmap, and Wireshark

Solid understanding of security standards and frameworks (OWASP Top 10, NIST, CIS)

Strong analytical skills with the ability to clearly explain security risks to technical and non-technical stakeholders

Experience with secure coding practices, code review, or SAST/DAST tools is a plus

Familiarity with cloud security concepts (AWS, GCP, or Azure) is a plus

Experience with CTF competitions, bug bounty triage, or vulnerability disclosure programs is a plus

Create a Job Alert

Interested in building your career at StraitsX? Get future opportunities sent straight to your email.

Accepted file types: pdf, doc, docx, txt, rtf

#J-18808-Ljbffr