Responsibilities
- Drive the adoption of AWS and infrastructure security best practices to enhance overall security posture
- Identify and mitigate security risks through continuous security assessments and penetration testing
- Strengthen threat detection capabilities through effective log analysis and anomaly detection
- Establish and enforce secure-by-design deployment workflows to ensure infrastructure integrity and software supply chain security
Requirements
- 6+ years in infra and AWS environments, or holding Professional-level certifications (e.g., AWS SAP, CKA/CKS).
- At least one of Node.js / Python / Golang as their primary programming language skill, and hard knowledge in concurrent processing
- At least one of AWS / GCP Cloud Infra and IAM knowledge
- Competent understanding of Linux and network security hardening and vulnerability detection
- Competent understanding of OIDC and Kubernetes Service Account
- Good understanding of pentest tools and framework
- Good understanding on one of Coding Agent (Claude Code, Gemini CLI, etc) or Agent Framework (langchain, strands-sdk, etc)
- Proficient in both English and Chinese communication for efficient cross team collaboration
Soft Skills
- Critical Thinking: Ability to analyze root causes and challenge existing architectures for continuous improvement.
- Self-Driven & Passionate: Proactive learner with a deep interest in emerging tech (AI/LLM).
- Strong Communication:Ability to articulate technical decisions clearly to both technical and non-technical stakeholders.