
Security Operations Engineer (SOC)
at Bybit
Posted 12 hours ago
- Compensation
- Not specified
- City
- Not specified
- Country
- Not specified
Currency: Not specified
Responsible for analyzing detection alerts and performing root-cause analysis of security incidents; assessing and handling the security risks of attack events and providing appropriate security solutions. Continuously optimize the internal security detection systems and update alert rules through proactive analysis of internal events and threat intelligence data; responsible for analyzing threats in network traffic, designing the threat intelligence architecture, running red/blue team exercises, and continuously improving security detection and policies. Handle security incidents, propose improvements to the existing emergency response process, and provide actionable security guidance for remediating vulnerabilities in company assets.
Job Responsibility:
1、Responsible for analyzing detection alerts, discovering security incidents, and performing their root cause analysis.
2、Discover, assess, and handle the security risks of attack events, and provide appropriate security solutions.
3、Continuously optimise the internal security detection systems by supplementing and updating alert rules based on active analysis of internal events and threat intelligence data.
4、Responsible for analyzing cyber threats in network traffic, responding to them, and designing the threat intelligence architecture.
5、Responsible for red and blue team security drills, as well as security detection, policy optimization, and continuous improvement of security operations capabilities.
6、Responsible for handling security incidents and recommending solutions to improve or enhance the company's standard incident response procedures.
7、Respond to internal alerts from security-related systems and identify high-risk vulnerabilities.
8、Responsible for the remediation of vulnerabilities in company assets; provide actionable security guidance to asset owners to speed up vulnerability remediation.
Job Requirements:
1、Excellent at writing professional documents, including vulnerability notices etc.
2、Knowledge of how to discover and handle common security vulnerabilities; understanding of attacker techniques such as webshells, local privilege escalation, backdoors etc.
3、Familiar with the basic operation of Windows and Linux systems; understanding of databases and web application services.
4、Proficient in at least one development language, such as Python, Java, PHP, etc.
5、Familiar with SQL and able to write basic queries;
6、Familiar with the basic mechanisms and practical solutions of security systems and products, e.g. SIEM, honeypots, sandboxes, HIDS, WAF, Splunk;
Nice to have:
1、Experience working in large or well-known Internet companies is preferred.
2、Experience in offensive and defensive security drills is preferred.