Security Engineer, Offensive Security
- Full-time
Company Description
About Grab and Our Workplace
Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.
Job Description
Get to Know the Role
We are looking for an outstanding Security Engineer who will perform system architecture reviews and code reviews, train staff, and organize penetration testing and possible red teaming for various systems of Grab and Grab Joint Venture initiatives, i.e. Digibank, including those leveraging AI and machine learning.
The job might also involve incident prevention and response, particularly for AI-driven systems. It includes both individual work and teamwork, and the applicant should feel comfortable with both. This will be an onsite role based in Jakarta. You will be reporting to the Senior Cybersecurity Manager.
The Critical Tasks You Will Perform
- Vulnerability Management: Drive the identification and remediation of high-priority Web/Mobile application and environment security issues, including screening, providing remediation guidance, validating fixes, and assessing the risk and impact of vulnerabilities or proposed mitigations.
- Security Expertise & Support: Provide application security expertise to other Cyber Security teams and assist the Cyber Incident Response team with investigations.
- Bug Bounty Participation: Triage security issues reported via Grab's Bug Bounty Program on HackerOne and follow up with development teams for fixes.
- Testing & Auditing: Conduct application security testing, source code auditing, and penetration testing focused on critical data, services, and environments; provide clear risk assessments and remediation guidelines.
- Research & Documentation: Research the latest cybersecurity methodologies, threats, and technology frameworks; document and disseminate security guidelines, remediation mentorship, and security technology baselines.
- Tool Development & AI Utilization: Develop tools, exploits, and AI-enhanced automation scripts/intelligent security testing frameworks to support application security reviews and penetration testing.
- AI/ML Security: Secure AI/ML applications and APIs against emerging threats (e.g., prompt injection, model poisoning, adversarial attacks) and use AI-powered tools/assistants to enhance vulnerability detection, risk assessment, testing efficiency, research, and threat analysis.
Qualifications
What Essential Skills You Will Need
- 2+ years of security industry experience, specializing in web/mobile application security and an understanding of the threat landscape; embody our core values of Heart, Hunger, Honour, and Humility.
- Technical Proficiency: Working knowledge of major cloud platforms (AWS, GCP, Alibaba, Azure), expertise in web/mobile penetration testing tools/procedures, and foundational understanding of defense-in-depth methodologies and security best practices.
- Coding & Automation: Ability to code/script in at least one language (e.g., Python, Java, GoLang, C++) to develop technical solutions, automate security testing, and mitigate vulnerabilities.
- AI Security Focus: Understanding of AI/ML security risks (e.g., OWASP Top 10 for LLMs, prompt injection, model vulnerabilities), knowledge of securing AI applications/APIs, and proficiency in using AI assistants (ChatGPT/Claude) and basic prompt engineering for security analysis.
- Communication & Collaboration: Able to point out technical solutions, advocate for cybersecurity across teams, and contribute to solution architecture, test plans, and implementation.
- Experience in vulnerability management, patching automation, and VA/PT techniques.
- Cyber Security certifications such as OSCP, OSCE, or CREST.
Additional Information
Life at Grab
We care about your well-being at Grab. Here are some of the global benefits we offer:
- We have your back with Term Life Insurance and comprehensive Medical Insurance.
- With GrabFlex, create a benefits package that suits your needs and aspirations.
- Celebrate moments that matter in life with loved ones through Parental and Birthday leave, and give back to your communities through Love-all-Serve-all (LASA) volunteering leave.
- We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
- Balancing personal commitments and life's demands is made easier with our FlexWork arrangements such as differentiated hours.
What We Stand For At Grab
We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, race, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.