Senior System Security Risk Control Engineer

Security Planning and System Design:

• Develop and implement the company s overall information security strategy and management system.
  
• Design and execute security management processes to safeguard the companys systems data and networks.
  

Security Assessments and Risk Management:

• Conduct security assessments on internal systems networks and servers.
  
• Work closely with relevant teams to implement security solutions track progress and promote effective execution.
  

Penetration Testing and Intrusion Detection:

• Lead penetration testing efforts to identify weaknesses and vulnerabilities within the companys infrastructure.
  
• Conduct system intrusion detection alarm generation trace analysis and implement measures to prevent further risks.
  

Security Vulnerability Monitoring:

• Continuously monitor and track emerging security vulnerabilities including web application attacks such as SQL injection XSS etc.
  
• Develop strategies to mitigate these vulnerabilities and avoid security risks associated with the companys systems.
  

Team Development and Knowledge Management:

• Guide and train team members to improve their technical expertise and maintain a high level of security knowledge.
  
• Ensure that the team s documentation and security protocols are continuously updated and welldocumented.
  

Requirements

• At least 3 years of handson experience in system security or related fields with expertise in security risk assessment and mitigation.
  
• Degree in System Security Computer Science Information Technology or related fields.
  
• Strong understanding of Linux and Windows operating systems and related security policies and procedures.
  
• Familiarity with WEB application servers and security protocols.
  
• Proficiency in using mainstream security tools and technologies such as IDS/IPS firewalls and other monitoring systems.
  
• Handson experience in formulating security policies handling incidents and responding to security breaches.
  
• Experience with system penetration testing web application security and vulnerability discovery.
  
• Deep understanding of web security issues including common vulnerabilities like SQL injection CrossSite Scripting (XSS) etc.Ability to perform risk assessments vulnerability analysis and threat mitigation.
  
• Proficient in Chinese and English (both written and spoken) for clear communication of security issues and risk reports.