部门名称：网络安全服务部

II.      Job Responsibilities (starting from verbs, with % of time spent on specific tasks)

1. Carrying out penetration tests and performing various aspects of vulnerability assessments / penetration tests across a wide variety of platforms and technologies. also include the execution of targeted testing activities to identify weaknesses and methods in which to exploit them. (50%)
2. Helping evolve the knowledge of adversarial TTPs and apply that knowledge when evaluating and testing corporate resources. Adherence to the highest standards of safety, ethics, and professional conduct are critical requirements of this position. (20%)
3. Keeping up-to-date with tools, countermeasures, threats and technologies. (20%)
4. Interpreting vulnerabilities, identifying weaknesses, exploiting them and escalate access. (10%)

III.      Job Requirements (knowledge, experience, skills, abilities, etc.)

1. Bachelor’s degree in Cybersecurity, Computer Science, Computer Engineering or related field.
2. Have an understanding of at least 1 area of relevant penetration testing areas  (i.e. web, networking, medical devices, automobile, mobile applications, etc.).
3. Comprehension of OWASP Top 10 (both web and IoT), OSSTMM, PTES, NIST and ISSAF technical controls and standards, and able to understand and communicate how the standards and controls relate to risk management strategies.
4. Knowledge of reverse engineering Windows, Unix/Linux, and Android/iOS based applications would be better.
5. Knowledge of JTAG/UART and on-chip debuggers would be better.
6. Knowledge of wireless protocols, such as WiFi, Bluetooth, Zigbee, etc. would be better.