1) Write safety test plan, safety test case, and safety test report;
2) Participate in the company's red / blue army confrontation, conduct offensive and defensive exercises, and verify the company's defense system;
3) Research and write solutions for automated security testing and vulnerability mining to improve the security team's security work efficiency;
4) Investigate various latest security attack and defense technologies, track the security dynamics of international and domestic security communities, and continuously improve the company's overall security level;
5) Research and practice of intrusion detection ideas for intranet infrastructure to strengthen defense and detection capabilities against the latest threats.
1) Familiar with common tools for vulnerability scanning and penetration testing;
2) Understand the principles of vulnerabilities such as SQL injection / XSS / CSRF / file upload / file inclusion / command execution;
3) Familiar with network system attack and defense, web, APP penetration testing and security reinforcement;
4) Proficient in system security policy and implementation of Linux windows operating system (security configuration and hardening);
5) Familiar with Linux windows log analysis and shell script writing;
6) Familiar with Linux windows server troubleshooting;
7) Familiar with desktop security and analysis of Trojan virus;
8) Experience in submitting vulnerabilities or publishing security related articles is preferred.
Security experience: at least 2 years
Các công việc tương tự