IT Manager, Security and Compliance Administration

Job Responsibilities

• Plan, lead and manage IT Security, Cyber Security protection
• Responsible for safety reinforcement for various systems of the company
• Conduct safety assessment tests (black box and white box) on the company's website and business system
• Respond to company security incidents, clear back doors, and analyze attack paths according to logs
• Carry out security technology research, including security prevention technology, hacker technology, etc.
• Organize and implement regular vulnerability scanning, penetration testing, security drills, offensive and defense drills, etc.

Job Requirements

• Bachelor Degree or above with one of the ECF-C certification: CISSP, CISA, CISM, CRISC, CEH
• 5 years or above experience on Cyber security protection
• Familiar with attack and defense technology, including SQL injection, XSS cross-site, CSRF forgery request, command execution and other security vulnerabilities and defense
• Familiar with mainstream security tools, including Kali Linux, Metasploit, Nessus, Nmap, AWVS, Burp, Appscan, etc.
• Familiar with Linux/Windows, Apache, Nginx, LAMP/LNMP, Oracle/MySQL
• Deep understanding of network security, system security, application security, web security as a whole with certain code audit and vulnerability analysis and mining capabilities
• Master at least one programming language C/JS/Python/PHP/Java/JS, etc.
• Familiar with mainstrain IPS/WAF/UEBA/SIEM/Honeypot
• Strong team spirit and sense of responsibility with good documentation and communication skills
• Good command of spoken and written English and Chinese, including Putonghua