Responsibilities
- Perform technical activities for delivering effective and secure cloud hosting services.
- Identify security issues and risks, develop mitigation plans; architect, design, implement, support, and evaluate security focused tools and services.
- Perform general security awareness and specific security technology training.
- Establishes plans and protocols to protect data and information systems against unauthorized access, modification, and/or destruction.
- Conduct security assessments to identify security gaps or vulnerabilities and recommend and prioritize remediation actions.
- Engage in incident response activities.
- Integrates existing automation, security operations, and monitoring systems.
- Create and modify detections, signatures, and custom alerting logic based on adversary activity, vulnerabilities, and internal analysis.
Essential Requirements
- English, Chinese proficiency, can work as a daily language.
- 3+ years of demonstrated experience in security engineering, incident response and/or penetration testing.
- Understand cloud platform or enterprise security risks and disposal methods.
- Familiar with Windows, Linux operating systems knowledge, experience with a scripting language such as Perl, Ruby, Python, and BASH.
- Candidates with professional experience in system and business security assessment, penetration testing,vulnerability analysis and remediation, major security incident emergency response are preferred.
- Ability to perform under pressure and handle change easily while meeting deadlines;Maintains knowledge with current emerging technologies and advancements within Information Security.
- Communicate with technical and non-technical audiences verbally and in writing form.
- Nice to have skills: CISSP, CCSK, GCFA, GNFA, GCIA, GCIH, OSCP and other relevant information security certifications
技能標籤: bash, perl, python, ruby
5年以上相關經驗,近來專注於雲端技術和安全性。
獲得多項相關證照,如 AWS Cloud Practitioner、Certified Information Systems Security Professional 等,熟悉 Cloud Security (AWS)、Cyber Threat Intelligence 等系統。
面試時間一小時。
面試主要詢問第一手的技術經驗,包含 Penetration Testing、Red、White Hat 以及 Incident Response 相關技術問題。並說明上班時間,但因為此職位為 Project-based 性質,將視情況加班。