V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
zbd123
V2EX  ›  酷工作

高级系统安全工程师

  •  
  •   zbd123 · 170 天前 · 1425 次点击
    这是一个创建于 170 天前的主题,其中的信息可能已经有所发展或是发生改变。

    岗位关键字:安全攻防,漏洞识别,漏洞防护,容器扫描

    岗位职责:

    1. 负责集团和各产品线的安全规范制定、安全技术评估、设计和支持;
    2. 制定集团/产品线级安全设计指标和质量评估标准,制定安全相关静态代码检查规则,验证产品的安全性;
    3. 设计并指导安全特征实现,组织指导研发团队进行威胁建模,制定安全保障策略;
    4. 关注业界安全动态,负责产品安全需求与技术跟踪,及时应对安全风险。 任职资格:

    要求

    1. 熟悉常见的系统、网络、应用攻击技术原理及防御加固方案;
    2. 熟悉流行的虚拟化技术、分布式计算、SDN 等技术原理、安全风险及加固方案;
    3. 熟悉公有云和平台安全防护设计和产品服务
    4. 熟悉行业内主流安全产品的设计和厂商
    5. 熟悉等保等安全规范,能够针对客户提出的等保需求,给出针对性建议和方案
    6. 能够从客户业务需求出发,给出具体客户安全加固的落地方案
    7. 在 Web 应用安全、移动 APP 安全、主机系统安全、网络安全、攻击检测与防御至少两方面有较深入的研究和实践
    8. 具备防火墙、web 应用防火墙( WAF )、审计等产品全生命周期设计、开发管理经验优先,持有 BIP 证书者优先
    9. 英文能沟通,书面和口语,偶然口语

    加分项:

    1.熟悉 X86/ARM/ARM64 等任一体系结构,熟悉硬件安全机制如 TrustZone ,SGX 等 2.熟悉 Linux/Android/QNX/FreeRTOS 等任一操作系统,对操作系统的安全机制有深入了解"

    最后:

    英文简历 不用考试 USDT 先,后面会考虑在国内开实体

    [email protected]

    8 条回复    2024-01-08 17:14:01 +08:00
    zbd123
        1
    zbd123  
    OP
       170 天前
    About company/Team
    We're an innovative B2B SaaS company with a line of products and services (affiliate management, back-office systems, payments, security and business intelligence). As a cutting-edge technology firm, we are dedicated to safeguarding company/customer digital assets and ensuring the highest standards of cybersecurity. We are seeking a skilled and experienced Security Expert specializing in penetration testing / hacking to join our dynamic team.

    If you're a standout pen-tester/hacker who thrives on conquering challenges and achieving success, we invite you to join our team.

    A special request
    After you have carefully read the vacancy details, please fill in the short form at the end of this post and we'll proceed from there. Thank you.
    Position Description (fulltime, remote, longterm)
    If you are a talented pen-tester/hacker with 5+ of hacking experience, including indepth understanding of system engineering, experience building botnets, reverse sock5 proxies and using metasploit along with other standard tools, read on.
    As a Security Expert, you will be responsible for conducting penetration tests, implementing advanced security measures, and fortifying our systems against potential threats. You will play a crucial role in maintaining the integrity and resilience of our digital infrastructure.

    Responsibilities:
    Penetration Testing: Conduct thorough and comprehensive penetration tests to identify vulnerabilities and weaknesses in our systems.
    Security Assessments: Perform in-depth security assessments to evaluate and enhance our overall cybersecurity posture.
    Anti-Hacking Practices: Implement and refine advanced anti-hacking practices to protect against evolving cyber threats.
    Security Architecture: Contribute to the design and implementation of robust security architecture for our systems.
    Incident Response: Develop and execute incident response plans, ensuring rapid and effective response to security incidents.
    Security Awareness: Foster a culture of security awareness among team members and provide training as needed.
    Collaboration: Work closely with cross-functional teams to integrate security measures seamlessly into our technology stack.
    Research and Development: Stay abreast of the latest cybersecurity trends, emerging threats, and technological advancements to continuously enhance our security protocols.
    Documentation: Maintain detailed documentation of security processes, procedures, and test results.
    Compliance: Ensure compliance with relevant industry standards and regulations related to cybersecurity.

    Qualifications:
    Deep understanding of multiple Operating Systems - Unix/Linux, Windows, etc
    Indepth understanding of computers, system engineering and networking
    Proven experience in developing botnets
    Runing scripts on endpoints
    Proficiency in various anti-hacking practices and tools like Metasploit, Intruder etc
    Proven experience in performing penetration tests and security assessments
    Advanced knowledge of cybersecurity principles, protocols, and technologies.
    Familiarity with industry standards and compliance requirements
    Strong analytical and problem-solving skills
    Excellent communication and interpersonal skills
    Relevant certifications such as CISSP, CEH, or OSCP are highly desirable
    Bachelor's degree in Computer Science, Information Security, or a related field.

    Additional Instructions
    USDT 2500-5000
    BadFox
        2
    BadFox  
       170 天前
    第一次听说 BIP 证书...你指的是 BIP cybersec 的证书?
    zbd123
        3
    zbd123  
    OP
       169 天前
    @BadFox 看英文的中文的初稿不用看。
    wangkai0351
        4
    wangkai0351  
       168 天前
    个人看法,工作职责和薪资不匹配,看工作职责我认为这是一个团队的工作量
    zbd123
        5
    zbd123  
    OP
       167 天前
    @wangkai0351 不是一个人的
    BadFox
        6
    BadFox  
       167 天前
    @zbd123 你这英文中文压根不是一个岗啊,中文是安全运营,英文是 pen tester ,区别好大。
    leadwkor1
        7
    leadwkor1  
       167 天前
    你这中文 jd ,怎么岗位职责像是甲方,岗位要求看着又像是乙方
    zbd123
        8
    zbd123  
    OP
       166 天前
    @leadwkor1 以英文为准啊。有兴趣不
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2543 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 28ms · UTC 08:40 · PVG 16:40 · LAX 01:40 · JFK 04:40
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.