Job Description:
1.Responsible for the security test (WEB/API/APP) before the project goes online, and provide consultancy and solutions to remediate security gaps;
2.Conduct security tests on the company's infrastructure and online business systems, and discover business security risks and vulnerabilities；
3.Use a variety of penetration testing or threat modelling tools including open source and commercial;
4.Develop sophisticated, state-of-the-art attacks with tools and scripts by maintaining a high level of expertise in the latest attack methods against embedded products
5.Responsible for the company's cloud business security network and help to formulate cloud business security plans；
6.Clearly articulate risk to the business in terms they understand

Required Qualifications
1.Degree in Computer Security, Computer Science, or equivalent discipline
2.At least 3 years’ hands-on penetration testing experience on infrastructure, network, web applications, mobile applications etc.
3.Familiar with the steps, methods and processes of penetration testing, and proficient in using common penetration testing tools;
4.Experience in secure code reviews is highly desirable;
5.Solid knowledge and experience in using a variety of penetration testing or threat modelling tools including open source and commercial;
6.Proficiency in at least one programming language (C/C++, python, java, Shell, etc.), familiar with mainstream frameworks;
7.Those with experience in reverse analysis are preferred, and those with in-depth research in the field of blockchain security are preferred;
8.Have good communication, coordination, and execution skills, and have the willingness to take the initiative to complete the work.