1. Lead the design and development of the security test platform, build and improve the automatic
monitoring capability of the security platform;
2. Responsible for tracking the latest security vulnerabilities and technologies in the industry, and develop
vulnerability early warning and solutions.
3. Responsible for independently completing the penetration testing of the platform by using various
internal and external tools, and following up the repair and retest of discovered vulnerabilities;
4. Responsible for the safety penetration test (including black boxes and white boxes), and independently
complete the safety penetration test task;
5. Responsible for the emergency disposal of the security vulnerabilities of the business system;
1. Bachelor degree or above, major in information security, computer science or related science;
2.More than 3 years of full-time working experience in penetration testing, familiar with the steps,
methods and procedures of penetration testing;
3. Understand common programming languages, and can use at least one language in Python, Ruby, Perl, C,
and Java to write penetration test tools / scripts;
4. Familiar with common attacks and defense methods, familiar with web security and penetration
technology, able to conduct WEB penetration testing, WEB code vulnerability mining and analysis;
5. Familiar with the working principle of mainstream operating systems, database, network and application
systems, and fully master common security vulnerabilities and utilization technologies;
6. Familiar with common WEB penetration methods (such as SQL , XSS, file upload, file inclusion, command
execution, etc.);
7. Master various penetration test tools and have a deep understanding of their principles (such as
Burpsuite, sqlmap, appscan, AWVS, nmap, MSF, cobalt strike, etc.);
8. Holding CISP-PTE, CISSP and CISP certificates are preferred;
9. Have a strong interest in safety and strong independent study ability; can actively pay attention to the
latest security attack and defense technology at home and abroad, and be familiar with the frontier
development of security technology field
DISCLAIMER: Dear Candidate! You are fully responsible to deal with the employer on the hiring process. GulfJobs.com will not take any responsibility on your hiring process. Genuine employer does not ask money for hiring!