In this position, you will:
Responsible for conducting security assessments of enterprise networks.
Responsible for researching cutting-edge attack techniques and developing attack tools.
Responsible for penetration testing for large enterprises.
Responsible for red team assessments for large enterprises.
Responsible for conducting offensive and defensive exercises at industry, provincial, and national levels.
To be successful in this position, you should meet the following requirements:
Bachelor's degree or higher, with a preference for majors in network security, computer science, information technology, or related fields;
At least 3 years of penetration testing experience.
Familiar with the principles of common security vulnerabilities and the causes and remediation of OWASP & Mobile TOP 10 vulnerabilities.
Understanding of code security audits and the ability to independently conduct white-box code reviews.
Proficient in various penetration testing tools and have an in-depth understanding of their principles, capable of independently completing various types of penetration tests.
Proficient in at least one programming language and able to write code.
Thorough understanding of common offensive and defensive techniques and the principles of related vulnerabilities (web security or binary).
Strong interest in security and a strong ability to independently research, with good team spirit.
Familiar with common system security mechanisms and possess some security development capabilities.
Proficient in various post-exploitation techniques (including domain penetration).
Possession of network security-related certifications such as OSCP, OSWE, or CISP-PTE is preferred.
When you work:
5 days work
8 hours/day
What you enjoy:
Discretionary Performance bonus
Life insurance
Medical insurance
Education subsidies
Birthday gift
Marriage leave
Birthday leave
Staff discount
CMHK is committed to be an equal opportunity employer. We offer exceptional benefits package and the opportunity to work in a challenging environment. Personal data provided by applicants will be treated strictly in accordance with our personal data policy and for recruitment purposes only.
