Roles & Responsibilities
1. Maintain technical products' 'Security Development Kit' refers to the construction and operation of security development libraries and frameworks, including application vulnerability prevention, architecture security (full-process tickets, permission centers, etc.), data security and other fields
2. Participate in the default security of the security development kit Construction and operation of scanning system (mainly white box scanning)
3. Participate in threat modeling, security evaluation (black box testing, white box code audit) and security governance of PCG business
4. Participate in Research and tool construction on vulnerability discovery and protection technologies, such as AI security.
Qualifications
1. One year or more work experience, familiar with secure coding standards and security design principles, experience in the construction and operation of Web/backend security components is preferred
2. Familiar with Web vulnerability principles and attack and defense technologies, familiar with common Web/backend languages and frameworks such as Go/Javascript/Java
3. Have code audit experience, be able to independently mine vulnerabilities, and be proficient in source code audit technology, processes and mainstream Tools
4. Have a certain understanding and practical experience in application architecture security, default security, and zero trust
5. Be proficient in at least one programming language, Go or Python.