Cybersecurity Application Pentest Lead (Jakarta)

Meratus Group is a leading integrated maritime and logistics operator in Indonesia, pioneering innovative solutions that drive efficiency and sustainability in the industry. With a rich history dating back to 1957, Meratus has evolved into a powerhouse, operating over 45 shipping routes, a fleet of 100 vessels, and a network of container terminals and logistics centers.

At Meratus, we are committed to digitalization, innovation, and transformation, ensuring seamless logistics and maritime services across Indonesia and Southeast Asia. Our customer-centric approach and agile operations empower businesses to navigate complex supply chain challenges with confidence.

We take pride in fostering a dynamic and inclusive workplace, where talented professionals can thrive and contribute to shaping the future of maritime logistics. Join us and be part of a team that is redefining industry standards while making a meaningful impact on global trade and sustainability.

Position Overview :
Cybersecurity Application Pentest Lead is responsible for leading application security assessments, penetration testing activities, secure development initiatives, and vulnerability management programs across the organization's digital products, applications, APIs, and technology platforms.

Responsibilities :

• Penetration Testing: Lead security assessments and penetration testing activities across enterprise web applications, mobile apps, APIs, and networks.
  
• Vulnerability & Threat Analysis: Identify, validate, prioritize, and track software security vulnerabilities, delivering actionable remediation guidance to software engineering teams.
• Secure SDLC & DevSecOps: Evaluate secure coding practices and seamlessly integrate automated security testing tools into continuous integration/continuous deployment (CI/CD) pipelines.
• Advanced Simulations: Plan and execute sophisticated Red Team and Purple Team simulation exercises focused on application layer bypasses.
• Methodology & Reporting: Establish formalized internal pentesting methodologies and produce clear security assessment reports and executive summaries for management.
• Incident Investigation: Assist in forensic investigations and incident response activities involving targeted application vulnerabilities.

Requirements : 

• Bachelor's degree in Computer Science, Cyber Security, or equivalent technical work experience.
• 2 - 3 years of experience specializing in Application Penetration Testing (Web, Mobile, and API).
• Deep expertise in the OWASP Top 10, SANS Top 25, secure source code review tools (SAST/DAST), and manual code analysis.
• Strong understanding of modern DevSecOps practices, cloud application architectures, and API frameworks.