- 经验
- 10年以上经验
- 薪水
- —
- 职位空缺
- 1
- 发布
- 2小时前
- 工作模式
- 在办公室
- 学历
- Bachelor’s degree in Information Security or Computer Engineering
- 恢复
- 需要申请
你的工作地点
职位描述
Job Overview
The Senior Information Security Engineer is responsible for safeguarding the organization's applications and data by ensuring adherence to top-tier security standards. This expert position involves leading the development of secure coding practices, conducting thorough application security and vulnerability testing, and delivering comprehensive security validations across the company's environments.
Key Responsibilities
- Execute routine penetration tests on corporate applications to identify security weaknesses.
- Conduct diverse security evaluations including white box, gray box, and black box assessments.
- Assist the enterprise, joint ventures, and subsidiaries in integrating a Secure Software Development Lifecycle (SDLC).
- Perform security analyses focused on mobile services.
- Contribute to environmental security monitoring by utilizing existing tools or creating internal solutions for advanced threat detection and response.
- Carry out security vulnerability assessments and analyze their potential impact on the company’s electronic assets.
- Assess security of ERP systems and other on-premises infrastructure.
Qualifications and Expertise
- Proven leadership skills managing both direct and indirect teams.
- Ability to articulate complex technical issues effectively to non-technical stakeholders.
- Competence in evaluating and quantifying security risks and their potential impacts.
- Certified Ethical Hacker certification is mandatory.
- Expertise at OCSP technical levels.
- Advanced scripting abilities to support security initiatives.
- Comprehensive knowledge of ISO 27000 standards.
- Strong foundations in application and infrastructure security disciplines.
- Experience utilizing open-source security tools extensively.
- Relevant security certifications emphasizing either offensive or defensive security techniques.
- Bachelor’s degree in Information Security, Computer Engineering, or related field.
- Over ten years of professional experience within the cybersecurity domain, with a strong background in systems, network, and/or application security.
Preferred Background
- Previous involvement in product development environments is advantageous.