- Perform technical activities for delivering effective and secure cloud hosting services
- Identify security issues and risks, develop mitigation plans; architect, design, implement, support, and evaluate security-focused tools and services
- Perform general security awareness and specific security technology training
- Establishes plans and protocols to protect data and information systems against unauthorized access, modification, and/or destruction
- Conduct security assessments to identify security gaps or vulnerabilities and recommend and prioritize remediation actions.
- Engage in incident response activities.
- Integrates existing automation, security operations, and monitoring systems.
- Create and modify detections, signatures, and custom alerting logic based on adversary activity, vulnerabilities, and internal analysis.
- English, Chinese proficiency, can work as a daily language
- 3+ years of demonstrated experience in security engineering, incident response and/or penetration testing
- Understand cloud platform or enterprise security risks and disposal methods
- Familiar with Windows, Linux operating systems knowledge, experience with a scripting language such as Perl, Ruby, Python, and BASH
- Candidates with professional experience in system and business security assessment, penetration testing，vulnerability analysis and remediation, major security incident emergency response are preferred.
- Ability to perform under pressure and handle change easily while meeting deadlines；Maintains knowledge with current emerging technologies and advancements within Information Security
- Communicate with technical and non-technical audiences verbally and in writing form
Nice to have skill
- CISSP, CCSK, GCFA, GNFA, GCIA, GCIH, OSCP and other relevant information security certifications