Job Requirements

1 Priority will be given to candidates with a background in computer science, software design, information security, etc.
2 More than one year of relevant work experience, and candidates with outstanding qualifications will be allowed to apply to fresh graduates
3 Candidates who have participated in well-known domestic and international competitions and achieved excellent results, such as domestic and international CTF competitions
4 Candidates who have participated in the Internet Security Action, published excellent technical articles, and have experience in security services will be given priority
5 Candidates who have any one of the following conditions:
-Familiar with the security of Android and iOS platforms, and familiar with common security issues and protection solutions for mobile apps
-Familiar with Linux/Unix operating systems, familiar with the use of common commands, and familiar with common attacks and protection methods
-Familiar with TCP/IP or HTTP/HTTPS protocols, and familiar with common attacks and protection methods for network protocols
-Familiar with common Web application attacks and protection methods
-Able to write PoC, Exp, and familiar with languages ​​such as Python and Go
-Familiar with the protection principles and rule configuration of common security products
6 Candidates with various security system operation and maintenance experience or security incident handling experience will be given priority
7 Candidates with information security-related qualification certificates will be given priority, such as CISSP, CISP, etc.

Job Responsibilities

1 Responsible for the operation of security products/platforms, such as rule configuration, policy optimization, and alarm handling of WAF, F5, etc.
2 Follow up the closed loop of security vulnerabilities, and be able to independently assist the business in repairing security vulnerabilities until the vulnerabilities are closed;
3 Able to assist in internal/external security vulnerabilities, intelligence emergency response handling, impact scope assessment, utilization complexity analysis, attack tracing, etc.