Job Description

  • Participate in the implementation of a secure Software Development Life Cycle (SDLC), and be responsible for security solution reviews, security design and technical assessment for business departments
  • Improve the secure SDLC, build the standard system, and formulate relevant security standards and requirements
  • Produce security solutions and security test reports, provide advice on patching vulnerabilities, and follow up on risk mitigation
  • Evaluate the risk points of mainstream application frameworks and develop security solutions to provide security support for each business line

Requirements

  • Bachelor's degree in Computer Science, Engineering or related fields
  • More than 3 years of relevant work experience
  • Familiar with the OWASP Top 10 vulnerabilities, with a deep understanding of the principles, utilisation, patching and reinforcement of various vulnerabilities
  • Familiar with implementing an enterprise SDLC process, with work experience in building a secure SDLC for IT companies
  • Familiar with black box testing methods and paths, able to independently complete source code auditing work, with hands-on experience in security design checklists
  • Familiar with at least one programming language such as Java, Python, PHP, Go, C, etc., and proficient in reading design documents and related code
  • An understanding of common business logic vulnerabilities such as authentication, authorization bypass (ultra vires access), and tampering, and experience in independently exploring business logic vulnerabilities would be a bonus
  • Extensive experience in vulnerability mining, code auditing and security solutions
  • Experience in vulnerability mining at the framework level is preferred
