基本信息

职位编号:
WD00012282
工作领域:
Hardware Engineering
国家/地区:
中国
省:
北京
市:
北京(Beijing)
日期:
Wednesday, November 3, 2021
工作性质:
Full-time

为什么选择联想

联想是一家成立于中国、业务遍及180个市场的全球化科技公司。联想聚焦全球化发展,树立了行业领先的多元企业文化和运营模式典范,服务全球超过10亿用户。作为值得信赖的全球科技企业领导者,联想助力客户,把握明日科技,变革今日世界。

联想作为全球领先ICT科技企业,秉承“智能,为每一个可能”的理念,为用户与全行业提供整合了应用、服务和最佳体验的智能终端,以及强大的云基础设施与行业智能解决方案。

联想 - 没有天花板的舞台,赶快加入我们吧!

职位描述和要求:

Job Responsibilities:

1. Responsible for the safety test of the company's products, propose a repair plan and assist related personnel in repair;

2. Participate in the establishment and improvement of relevant product safety regulations and procedures;

3. According to the current status of product security, discover potential security risks, conduct penetration testing and exploit vulnerabilities on PCs, tablets, mobile phones, and IOT smart hardware products, and promote the implementation of security requirements in products;

4. Manage the existing tools in the CSL

5 Carry out security standard training for development and testing personnel to improve safety risk prevention capabilities;

6. Responsible for the construction of automated vulnerability mining tool platform and the construction of threat intelligence system.

job requirements:

Basic items:

1. More than 3 years of safety experience;

2. Familiar with at least one development language such as python, Java and PHP;

3. Sensitive to security vulnerabilities, good at discovering hidden dangers or security vulnerabilities in products;

4. Have independent experience in vulnerability mining research and analysis, not limited to web vulnerabilities, system vulnerabilities, and application vulnerabilities

5. Have some insights into the vulnerabilities principles and utilization methods of various Web, APP, hardware, and IOT products, and be familiar with common security vulnerabilities solutions;

6. Have good plan execution ability and problem-solving ability, have a high degree of work responsibility, good team consciousness and coordination and cooperation ability.

Plus:

1. Those engaged in IOT security-related research are preferred;

2. Participated in a large CTF and achieved an excellent ranking or submitted high-risk vulnerabilities in CVE/CNVD/CNNVD preferred;

3. Holders of CISSP are preferred;

4. Have good communication skills, coordination skills, understanding skills, and have a strong sense of responsibility and team management skills. Those who can withstand a certain intensity of work pressure are preferred.