AppSec Jobs
← Back to all jobs

GoTo

Associate Product Security Engineer

Guatemala City, Guatemala, GuatemalaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About GoTo

GoTo Group is an Indonesian technology company formed in May 2021 through the merger of Gojek and Tokopedia. This merger created the largest digital ecosystem in Indonesia, aimed at empowering progress in the digital economy. GoTo Group combines mobility, delivery, payments, financial services, e-commerce, and merchant technology solutions into a comprehensive platform. The company operates a super app that integrates ride-hailing services, e-commerce transactions, and payment solutions. Gojek provides on-demand services such as food and grocery delivery, while Tokopedia connects small merchants with buyers. GoTo Financial offers financial services, including the GoPay e-wallet for transactions. With a focus on small merchants and everyday consumers, GoTo serves tens of millions of users, enhancing access and competitive pricing in Indonesia's digital landscape.

Industry

information technology & services

Employees

2,800

1057 engineers

Revenue

$915M

Website

Visit →

Security at GoTo

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

GoTo's AppSec philosophy centers on 'embedding secure-by-design principles into product development' and views 'Zero trust' as a critical part of their 'bigger tech fitness picture.' Their CISO emphasizes that 'future-ready UCaaS must be secure by design.'

Security Team

The team is led by CISO Attila Török, who is 'responsible for the security of internal systems and products.' He leads a team managing 'security operations, risk management, compliance and product security functions.' The exact team size and reporting lines below the CISO are not publicly available.

Key Initiatives

GoTo has previously implemented a 'security champion programme.' Current initiatives focus on 'embedding secure-by-design principles into product development.' There is evidence of using automation for cloud scanning, though specific AppSec SLAs and triage workflows are not public.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.