- Perform technical activities for delivering effective and secure cloud hosting services.
- Identify security issues and risks, develop mitigation plans; architect, design, implement, support, and evaluate security focused tools and services.
- Perform general security awareness and specific security technology training.
- Establishes plans and protocols to protect data and information systems against unauthorized access, modification, and/or destruction.
- Conduct security assessments to identify security gaps or vulnerabilities and recommend and prioritize remediation actions.
- Engage in incident response activities.
- Integrates existing automation, security operations, and monitoring systems.
- Create and modify detections, signatures, and custom alerting logic based on adversary activity, vulnerabilities, and internal analysis.
- English, Chinese proficiency, can work as a daily language.
- 3+ years of demonstrated experience in security engineering, incident response and/or penetration testing.
- Understand cloud platform or enterprise security risks and disposal methods.
- Familiar with Windows, Linux operating systems knowledge, experience with a scripting language such as Perl, Ruby, Python, and BASH.
- Candidates with professional experience in system and business security assessment, penetration testing，vulnerability analysis and remediation, major security incident emergency response are preferred.
- Ability to perform under pressure and handle change easily while meeting deadlines；Maintains knowledge with current emerging technologies and advancements within Information Security.
- Communicate with technical and non-technical audiences verbally and in writing form.
- Nice to have skills: CISSP, CCSK, GCFA, GNFA, GCIA, GCIH, OSCP and other relevant information security certifications