PT Bank Danamon Indonesia Tbk

Product Security Engineer

PT Bank Danamon Indonesia Tbk  •  Jakarta, ID (Onsite)  •  20 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

To elevate Ajaib’s security posture to global financial standards by building a high-velocity "Paved Road". You will move away from being a "siloed" security auditor to becoming an enabler who builds the automated infrastructure that makes the secure path the easiest path for developers.

Responsibilities

1. Building the "Paved Road" (Platform Layer)

  • Continuous Scanning: Integrate SAST, DAST, and SCA (Software Composition Analysis) into CI/CD pipelines (GitHub Actions) to provide instant feedback to developers.
  • Security-as-Code: Automate security gates in the deployment pipeline to block high/critical severity findings from reaching production.
  • Tooling Ownership: Manage and maximize the value of the current security stack, including SonarQube, Cloudflare [WAF] and Cloud Automation .
  • Infrastructure-as-Code (IaC): Build IaC guardrails with automated drift detection to ensure cloud infrastructure (GCP/AWS) remains resilient.

2. Delivery & Cultural Leadership

  • Security Champions: Identify and support embedded Security Champions in every squad, ensuring threat modeling occurs during the design phase rather than right before launch.
  • Vulnerability Management: Transition from manual tracking to a prioritized Jira backlog, partnering with developers to verify root causes and remediation.
  • Security Culture: Run developer awareness sessions and secure code workshops to foster a "you build it, you run it, you secure it" mindset.

3. Fintech & API Security

  • API Assessment: Test payment APIs, transaction flows, and KYC/AML pipelines for fintech-specific attack vectors like BOLA (Broken Object Level Authorization) and mass assignment.
  • Compliance Support: Ensure technical execution meets Governance Layer standards for Zero Trust and corporate identity anchoring.

Requirements

  • AppSec Fundamentals: Deep understanding of OWASP Top 10, CWE, and secure SDLC principles.
  • Automated Tooling: Proficiency in SAST/DAST/SCA tools such as Semgrep, Snyk, Burp Suite Professional, and SonarQube.
  • Cloud & CI/CD: Practical experience with GCP/AWS IAM, secrets management, and embedding security into GitHub Actions.
  • Threat Modeling: Ability to conduct threat models using STRIDE or PASTA during the design phase.
  • Scripting: Proficiency in Python or Bash for scan automation and custom security checks.
  • Identity & Access: Experience with JumpCloud or Google Workspace for identity anchoring and automated lifecycle management.
  • Crypto Exposure: Understanding of wallet security, smart contract audit basics, or DeFi risk awareness.
  • Fintech Security: Awareness of PCI-DSS standards and payment gateway security.

Benefits

Join us as we make magic happen to increase Indonesia’s financial inclusion!

PT Bank Danamon Indonesia Tbk

About PT Bank Danamon Indonesia Tbk

PT Bank Danamon Indonesia Tbk (BEI: BDMN) didirikan pada tahun 1956. Per 31 Desember 2024, Danamon mengelola aset konsolidasian sebesar Rp242 triliun dengan anak perusahannya, Adira Finance. Dalam hal kepemilikan saham, 92,47% saham Danamon dimiliki oleh MUFG, dan 7,53% lainnya dimiliki oleh publik. Dalam melayani nasabah dari semua lini bisnis yaitu Retail, Usaha Kecil dan Menengah, serta Korporasi, Danamon didukung oleh 865* kantor cabang konvensional dan unit Syariah, serta kantor cabang dan kantor perwakilan grup perusahaan Danamon di Indonesia.

Sebagai anak perusahaan dari MUFG yang merupakan salah satu grup jasa keuangan terbesar di dunia, Danamon didukung oleh jaringan global MUFG dan bank mitranya: Krungsri Bank di Thailand, Security Bank di Filipina, dan VietinBank di Vietnam. Danamon juga diperkuat oleh jaringan lokal dari grup perusahaannya yaitu Adira Finance, Home Credit Indonesia, Mandala Finance, dan Zurich Asuransi Indonesia, serta mitra strategisnya.

Bersama MUFG, grup perusahaan serta mitra strategisnya, Danamon berkomitmen untuk terus bertransformasi sebagai Satu Grup Finansial, guna menjadi mitra keuangan terpercaya yang berorientasi pada pelanggan dan selalu berinovasi, demi memenuhi kebutuhan pemegang saham, nasabah, karyawan, dan regulator dengan menghadirkan solusi finansial menyeluruh agar dapat tumbuh bersama.

Danamon dan grup perusahaan serta mitra strategisnya juga menyadari pentingnya aspek keberlanjutan sebagai bagian tak terpisahkan dari pertumbuhan dan kesejahteraan masyarakat.

Selain itu, dalam menjalankan bisnis serta untuk mencapai tujuan sesuai dengan visi dan misinya, Danamon menjunjung tinggi nilai perusahaan “BISA”, yang harus diterapkan oleh seluruh karyawan, manajemen, direksi, dan komisaris Danamon. Nilai-nilai tersebut meliputi Berkolaborasi, Intergritas, Sigap Melayani, dan Adaptif.

Industry
Finance & Insurance
Company Size
10,000+ employees
Headquarters
JAKARTA, ID
Year Founded
Unknown
Website
co.id
Social Media