Cyber Security Engineer (美资公司)
广州艾微肯企业管理咨询有限公司
- 公司规模:少于50人
- 公司性质:创业公司
- 公司行业:专业服务(咨询、人力资源、财会) 外包服务
职位信息
- 发布日期:2017-11-08
- 工作地点:上海-黄浦区
- 工作经验:3-4年经验
- 学历要求:本科
- 语言要求:英语熟练
- 职位月薪:1-1.8万/月
- 职位类别:网络工程师
职位描述
职位描述:
Responsibilities
The Security Engineer will conduct, under supervision, advanced vulnerability assessments, penetration tests, and other ethical hacking actions to identify issues in embedded products (IoT) and software.
? Participates in customer projects to analyze customer documentation to interpret Risk Management and Threat Analysis assessment models.
? Is able, under supervision, to verify security controls in the product as described in the documentation.
? Conducts security tests using automated tools, ad-hoc tools, and manual testing techniques.
? Conducts penetration testing against different IoT connected devices technological domains including, but not limited to embedded devices, web apps, mobile apps and other device applications.
? Assesses and calculates risk based on vulnerabilities and exposures discovered during testing, based on international standards such as OWASP, NIST 800-115, OPENSAMM among others
? Creates required information security documentation, technical reports, and formal papers on test findings, and complete requests in accordance with requirements.
? Helps drive innovation in cybersecurity services. Follow-up with the latest technical developments in the physical and logical attacks area that need to be contributed to the internal R&D developments in hardware and software to enhance the level of our attacks and to explore new forms of attacks.
Qualifications
? University Degree (Bachelor’s degree or higher) in Computer Science or a related discipline, preferably mastering in a cybersecurity subject 1 to 3 years experience in:
? Working in a Cybersecurity environment, software development, or ethical hacking.
? Customer facing , well communication skills
? Cybersecurity testing of products and software to identify weaknesses and flaws and ability to create PoC's and clearly document the procedure.
? Hands-on experience with commercial, open source and free security tools for static source code analysis, fuzzing testing, dynamic and binary testing; as well as vulnerability scanning is a benefit
? Understanding of security issues on various operating systems, web and database platforms, proven proficiency in networking and security.
Preferred experience:
? Experience and knowledge in scripting at least one or more of the following languages: sh, csh, perl, python, ruby
? Experience with C, C++, Java programming.
? Experience with QNX, Linux, iOS, AOSP, etc.
? Security related certifications is a plus: CEH, GIAC GSE
? Expertise in testing in the following domains: Embedded software, embedded security, mobile apps, telecom or networking equipment.
Responsibilities
The Security Engineer will conduct, under supervision, advanced vulnerability assessments, penetration tests, and other ethical hacking actions to identify issues in embedded products (IoT) and software.
? Participates in customer projects to analyze customer documentation to interpret Risk Management and Threat Analysis assessment models.
? Is able, under supervision, to verify security controls in the product as described in the documentation.
? Conducts security tests using automated tools, ad-hoc tools, and manual testing techniques.
? Conducts penetration testing against different IoT connected devices technological domains including, but not limited to embedded devices, web apps, mobile apps and other device applications.
? Assesses and calculates risk based on vulnerabilities and exposures discovered during testing, based on international standards such as OWASP, NIST 800-115, OPENSAMM among others
? Creates required information security documentation, technical reports, and formal papers on test findings, and complete requests in accordance with requirements.
? Helps drive innovation in cybersecurity services. Follow-up with the latest technical developments in the physical and logical attacks area that need to be contributed to the internal R&D developments in hardware and software to enhance the level of our attacks and to explore new forms of attacks.
Qualifications
? University Degree (Bachelor’s degree or higher) in Computer Science or a related discipline, preferably mastering in a cybersecurity subject 1 to 3 years experience in:
? Working in a Cybersecurity environment, software development, or ethical hacking.
? Customer facing , well communication skills
? Cybersecurity testing of products and software to identify weaknesses and flaws and ability to create PoC's and clearly document the procedure.
? Hands-on experience with commercial, open source and free security tools for static source code analysis, fuzzing testing, dynamic and binary testing; as well as vulnerability scanning is a benefit
? Understanding of security issues on various operating systems, web and database platforms, proven proficiency in networking and security.
Preferred experience:
? Experience and knowledge in scripting at least one or more of the following languages: sh, csh, perl, python, ruby
? Experience with C, C++, Java programming.
? Experience with QNX, Linux, iOS, AOSP, etc.
? Security related certifications is a plus: CEH, GIAC GSE
? Expertise in testing in the following domains: Embedded software, embedded security, mobile apps, telecom or networking equipment.
职能类别: 网络工程师
公司介绍
艾微肯咨询是一家专注于为企业提供中高端人才寻访服务的人力资源服务公司,客户所在行业涉及大消费品行业、互联网行业、金融行业、制造行业等
联系方式
- 公司地址:上班地址:深圳市南山区高新科技园