负责电子相关产品的网络安全认证项目工作。

1. Position Summary 

This position is responsible for focusing domain areas of expertise as well as a good breadth of experience across project management, Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, IoT devices Penetration Testing, Open Source Intelligence and Physical Security Testing. 

2. Job Responsibilities 

1. Control the pace of cyber security project, complete the project test with quality and quantity guaranteed. 

2. Carrying out application and IoT devices security tests and performing various aspects of vulnerability assessments/penetration tests across a wide variety of platforms and technologies. Also include the execution of targeted testing activities to identify weaknesses and methods in which to exploit them.  

3. Conduct security risk assessment for IoT system (device, application, and cloud)   

4. Doing research on IoT security technologies and keep tracking global security events. developing and maintaining security attack tools. 

5. Keeping up-to-date with tools, countermeasures, threats and technologies.  

3. Job Requirements

1. Bachelor’s degree in Cybersecurity, Computer Science, Computer Engineering or related field. 

2. Minimum two years of experience in project management.  

3. Minimum one year of conducting penetration testing on IoT devices or mobile applications 

4. Have a broad understanding of various information technology areas used to support and manage the business (i.e. web, networking, database, cloud, telephony, mobile, applications, etc.) and an in-depth experience in at least two area of relevant technology. 

5. Proficiency with Unix/Linux, and mobile platform operating systems.  

6. Be familiar with ARM/MIPS assembly, binary reverse engineering and IoT firmware package/de-package. 

7. Be familiar with TCP/IP based network protocols, basic PKI technology and cryptographic algorithms  

8. Be familiar with one of script languages(Python, Javascript, Shell etc..). Have the ability to develop test scripts.  

9. Be familiar with wireless security such as WiFi, Bluetooth and Zigbee  

10. Understand common binary security issues, common exploit methods and countermeasures.  

11. Comprehension of OWASP Top 10 (both web and IoT), NIST and ISSAF technical controls and standards, and able to understand and communicate how the standards and controls relate to risk management strategies.