Lenovo

Description: 
1. Be responsible for the drill of red blue confrontation attack and defense, and continuously evaluate the safety protection level of the company.

2. Research cutting-edge security technologies, vulnerabilities, intelligence and attack methods.

3. Extract attack features, build a network security blue army weapon platform, and improve the automatic confrontation capability.

Basic post requirements

1. Proficiently master the key technologies, tool use and attack ideas of ATT&CK in each link;

2. Proficient in mainstream network, application, system attack technology and common tools, familiar with the principle and utilization of common security vulnerabilities;

3. Track cutting-edge security attack and defense technologies, and have the ability to exploit/analyze/reproduce vulnerabilities;

4. Be familiar with various ways to obtain threat information, and track and analyze security threats;

5. Have the ability of reverse analysis of trojan horse/virus/worm and kill free technology;

5. Good communication, analysis, coordination and teamwork spirit.

Bonus items:

1. Have ATT&CK landing experience.

2. Have more experience in extranet and extranet penetration or have in-depth research on the confrontation in the working group/domain.

3. Have the experience of winning awards in large network security competitions (such as HW)/digging high quality vulnerabilities/publishing in-depth technical papers.

4. Rich SRC vulnerability mining experience.

5. Those with relevant security qualifications such as CISSP, CISA, CSSLP, ISO27001, ITIL, PMP, COBIT, Security+, CISP, OSCP, etc.