Application safety engineer

Job responsibility
1. Participate in the construction of SDLC basic capabilities, including safety process, automation tools, index system, etc
2. Responsible for the penetration testing of the company's internal and external network environment and key projects
3. Responsible for the analysis and response of daily application security events

Job qualification
1, with white box audit, penetration testing and other offensive and defensive capabilities, has a wealth of offensive and defensive actual combat or offensive and defensive confrontation experience
2, proficient in at least 1 script or high-level language, with the ability to understand the cause of vulnerability can be quickly converted into POC
3, proficient in common attack means and defense measures, proficient in the causes of various vulnerabilities, infiltration ideas and methods
4, with Party A SDL, DevSecOps related security process construction experience, with automated security testing
5. Bonus points: submitted original loopholes; Attack and defense honors, SRC ranking; github open source project