Life at Grab

At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.

Get to know the Team

The Grab’s Application Security team is part of the Cyber Security team at Grab, and we focus on keeping our application and data safe while adapting to the high-speed growth of our business.

We are the team who focus on exploring and using advanced techniques to detect, mitigate, and remediate vulnerabilities and security flaws in Grab. If you are looking for an environment where you could continuously learn and grow, then you should join our team!

Get to know the Role

We are looking for someone who is passionate about exploring new technologies (i.e. LLM) and methodologies to elevate and redefine a new generation of Application Security function.

This role will report into the Head of Application Security; with a focus in coaching and mentoring a team of security engineers responsible for Application Security of apps and services in the areas of threat modeling, specification reviews, code reviews, and penetration testing. We believe a successful candidate has excellent communication skills, creative problem solving ability, and a strong passion in cybersecurity, but if you believe you have what it takes then we’d love to hear from you either way. This role is required because we care about our Grab’s mission and we would like someone who is outstanding to perform code review and organize penetration testing and possible red teaming for various systems at Grab.

The Day-to-Day Activities

• You lead a team of security engineers responsible for Application Security of Grab Financial Group apps and services, Grab Passenger app, Grab Driver app, Grab Merchant app and its services - threat modeling, specification reviews, code reviews, and penetration testing

• You engage with Cyber Security leadership to define and execute application security strategy. Build a vision to transform the Application Security mindset at Grab into a self-governing mode

• You ensure stakeholder management is optimal to create a positive impact and building trust

• You lead initiatives to improve the application security posture of Grab services to an increasing baseline

• You engage with external vendors to facilitate third party security attestations needed to satisfy regulatory requirements

• You engage with other Cyber Security verticals to streamline the processes and remove gaps to better support Grab’s business needs, meet security industry standards and data protection regulations

The Must-Haves

• You have Heart, Hunger, Honour and Humility

• 10+ years of security industry experience utilizing web/mobile application security and knowledge of the security/threat landscape.

• Working experience with cloud technologies such as AWS and Azure.

• Strong understanding of defense in-depth methodologies.

• Ability to develop technical solutions and use existing tools to help discover and mitigate security vulnerabilities

• Ability to code or script in at least one programming language like Python, Java, GoLang, C++.

• Excellent knowledge of pen-testing tools and procedures for Web/Mobile

• Passionate about exploring new technologies i.e. LLM, AR etc

Our Commitment

We are committed to building diverse teams and creating an inclusive workplace that enables all Grabbers to perform at their best, regardless of nationality, ethnicity, religion, age, gender identity or sexual orientation and other attributes that make each Grabber unique.