1. Operate the company's traffic threat perception platform and EDR platform. Track new alerts, determine alert validity, communicate with business units, and promote security remediation;
2. Continuously tune the security application platforms to reduce unnecessary, noisy alerts;
3. Conduct vulnerability scans on the environments you are responsible for to identify open server ports, application vulnerabilities, weak passwords, etc.; generate reports and prioritize fixes;
4. Participate in incident response, identify threats, propose disposal methods, execute loss prevention, and harden environments;
1. Bachelor's degree or above;
2. 3-5 years of information security work experience
3. Possess good communication skills and teamwork ability
4. Experience operating network traffic threat detection systems, using EDR products, or operating antivirus software
5. Understand TCP/IP, firewall, and IPS principles; familiar with Windows and Linux system security features, hardening methods, and security tracing methods; proficient in using security and scripting tools such as Burp Suite, MSF, Python, and Shell
6. Experience with ISO27001 and Equal Protection work preferred
7. CISSP, CCIE Security certificates preferred