Cyber Security Engineer (Penetration Testing)

<p><strong>Responsibilities:</strong></p> <ul> <li>According to project requirements, implement security penetration testing, including but not limited to hosts, networks and web, with legal authorization;<br>Participate in other safety evaluation, security defense, emergency response, training and exercise involved in company project implementation;</li> <li>Based on the company's solutions/products/services, provide expert services to customers, instantly validate the effectiveness of vulnerabilities, provide vulnerability repair suggestions, and explain to customers how to quickly solve problems;</li> <li></li> <li>Responsible for establishing safety procedures, including regular handling procedures and emergency response procedures;</li> <li>Provide internal company security training, participate in the company's red and blue offensive and defensive exercises;</li> <li>Track and analyze major safety events in various fields;</li> <li>Study new technologies and methods in the field of information security.</li> </ul> <p><strong>Requirements:</strong></p> <ul> <li></li> <li>3 years of work experience (including at least 2 years of penetration testing work experience);</li> <li>Good oral, written and expressive skills, English and Chinese (Cantonese and Mandarin), and willing to deal with people of different levels;</li> <li></li> <li></li> <li>Able to analyze vulnerability principles to perform POC, EXP, able to set up various penetration testing demonstration environments, with good documentation writing skills;</li> <li>Have some development skills, be able to write related security tools independently, and be able to automate repetitive work (optional, plus) ;</li> <li>Have quick learning abilities, and an exploratory spirit for cutting-edge technologies and practical applications;</li> <li>Passionate about work, patient and responsible, with good communication skills, team awareness, team collaboration ability, self-motivation and stress resistance;</li> <li>Have published articles on well-known websites and forums, or achieved excellent results in various security competitions, or submitted security vulnerabilities to various SRC and white hat websites, or have an independent CVE number (optional, bonus) ;</li> <li></li> </ul>