Senior Security Engineer, Cyber Defense (Threat Detection)

Senior Security Engineer, Cyber Defense (Threat Detection)

• Team Security
• Location Jakarta, Indonesia
• Job Type Full-time

The role at a glance

Get to Know the Team

You’ll be part of an exciting team responsible for the Grab Cyber Defence with the core mission of defending Grab and Grabbers from external and internal threat actors. We do this by detecting, hunting, and responding to those threat actors. Cyber Defence continuously prepares by emulating threat actors to test and practice our defenses. Based on our work and data we collect, we provide insights to our key stakeholders on current and future threats to Grab.

Get to Know the Role

You should have 3-5 or more years in a Security Operations Centre where you have strong security operations analytical skills and understand alerts generated by Cyber Security tools and mentored and assisted junior team members. Alternatively, you may have very strong Cyber Security domain knowledge in Pen-testing, Red-team, Digital Forensics, Cyber Threat Intelligence, or similar experience and looking for a slight shift.

As a Grab Senior Threat Detection Engineer, your core responsibilities are triaging and finding ways to reduce the mean time to detection and containment of a threat before it becomes a larger threat to Grab. You would be helping the junior and team leads understand and triage alerts as well. You are confident in reaching out to Grabbers directly at all seniority levels and cultures, to determine if an action was a threat to Grab.

You would have improved Security Operations in your previous roles by reducing false positives, and creating new alert criteria. You may have done some automation already (SOAR, scripting or engineering) or have good ideas on how to operate in a large-scale and complex environment. You have helped out or maybe lead incidents and can work independently given a task. Malware and analysis of obfuscated scripts may have been something you are highly proficient at.

You want to participate in threat hunting and purple team engagements to improve Cyber Defence core mission.

You’ll be surrounded by equally driven and passionate individuals and supported via training and given time to learn.

The Day-to-Day Activities:

• Review Cyber Security alerts evaluate their severity and escalate as required.

• Review alert criteria for host and network intrusions and push them to production. Also produce decision criteria and playbooks for alerts, automating as much as possible.

• Mature existing detection rules, and create automated tests and automation workflows to improve the overall detection capability.

• Contribute to identifying gaps in the current logging and detection capability and suggest mechanisms to remediate these gaps.

• Contribute to threat hunting, purple team efforts searching for unknown malicious activity in our network using the latest threat intel and knowledge of Cyber security.

• Respond with the team when an incident occurs, you will be on the front lines of response for the entire company.

• Contribute to engaging the overall Grab team, working collaboratively to address Grab’s security challenges while understanding business needs.

Our Commitment

We recognize that with these individual attributes come different workplace challenges, and we will work with Grabbers to address them in our journey towards creating inclusion at Grab for all Grabbers.

Read more Skills you need

The Must-Haves:

• 3-5 years of experience in a Security Operations Centre or worked as a Pentester, Red-teamer, Cyber Threat Intelligence, Digital Forensics or Incident Response who wants to make a slight shift.

• Ability to work on an on-call basis in a rotating roster.

• Some experience working with SIEM.

• Some experience conducting triaging and escalation in a Cyber Security Operations environment.

• Knowledge of frameworks such as ATT&CK and kill-chain and good communication skills.

• Willingness to work in a regional role covering multiple cultures and countries

• Working collaboratively with other team members.

• Strong, proven track record of delivering results in fast-paced, resource-scarce environments. Assume your favorite tool is not available but that you have the chance to learn a new one.

• Ability to handle stress effectively and maintain strong output during triage or incidents.

• Curiosity and a relentless drive to understand how complex IT environments work and how detections can be built.

• Participated in Incident Response in complex corporate environments.

• Experience with multiple security tools/systems/logs (network, EDR, WAF, OS etc.)

• Some scripting ability to automate tasks or process large amounts of unstructured data.

• Developing security rules in a SIEM platform

The Nice-to-Haves

• Some Cloud knowledge, CI/CD pipelines, Containerisation, and bringing a Cyber Security mindset to the mix.

• Relevant industry certifications

  • Cyber Security: SANS GCIH, GMON, GCIA, GCFA, SIEM, etc.;

  • Cloud infrastructure: (AWS, Azure, GCP).

• Developing security rules in a SIEM platform, workflows in a SOAR platform, and working knowledge of cloud platforms.

Read more What we offer

Life at Grab

At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour, and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.

Read more Life at Grab Read more

What’s it like to work at Grab?

Play video

Senior Security Engineer, Cyber Defense (Threat Detection)

Apply Now Share

Meet the Security team

Our Security people are the guardians of all information across the company. We're the folks who plan, execute, and set rules to keep everything – from people to places and the important stuff – super secure.

The team is made up of tenacious individuals who never take ‘impossible’ for an answer. We chisel away at problems bit by bit and sometimes we tear the house down completely – but we never walk away from solving some of the biggest challenges that could compromise our users' trust and safety.

“ ” Farrah Harriet RatnaikeHead of Risk Strategy & Operations, GrabFin

Integrity is a fascinating field to be in. Saving a life by preventing a road accident, blocking an account takeover by a fraudster, or outsmarting a scrupulous driver attempting to make fake bookings; all of these are challenging and interesting problems to solve. We use a tonne of data, algorithms, and tech, but it's just as crucial to get what's happening on the ground and in the minds of users and fraudsters to drive results.

“ ” Puneet GambhirHead of Risk (TIS)

Embrace challenges and continue to build up your skills and knowledge in the fast-paced, changing world of technology. That’s how you succeed at Grab.

“ ” Arbie AsugSenior Security Engineer

The Application Process

What can you expect when you apply for a role at Grab? Here’s what our hiring process looks like.

Step 1: Apply.

We have a range of open roles from Marketing to Engineering and everything in between. Find the one that’s best for you and show us why you’re our next teammate.

Step 2: Getting to know you.

Next, you’ll have a video or phone interview with one of our recruiters to chat about you, the role, and your past work experiences.

Step 3: Testing, testing… 123.

Some roles might require assessments and/or a technical competency interview. For other roles, there might be an additional interview – speak with your recruiter for application details.

Step 4: Is it a culture match?

Finally, we’ll find out how we fit together, if your career vision aligns with our mission, how you embody the 4 H's, and your working style and personality.

Grab a spot in our talent community

Want to be the first to know about Grab opportunities? Keen to stay up-to-date with our latest revelations? Ready to learn more about life at Grab and our amazing teams?

Join our talent community and you’ll never miss a beat.

Join now