Job Opportunities in Taiwan


September 18, 2024

Agensi Pekerjaan INTHO SDN BHD

台北市

OTHER & FULL TIME


Web應用程式安全工程師 Web Application Security Engineer (INT08072024-2)

*薪資範疇是以美金(USD)來計算*
工作職責:
  • 對Web應用程式進行徹底的安全評估,識別漏洞和潛在威脅。
  • 執行手動和自動滲透測試以模擬攻擊並評估系統漏洞。
  • 管理漏洞掃描工具和流程,以偵測和修復Web應用程式中的安全漏洞。
  • 確定關鍵漏洞的優先順序並升級以立即解決。
  • 與開發團隊合作,將安全控制整合到Web應用程式的設計和架構中。
  • 提供有關安全編碼實踐的指導,並確保遵守安全標準和框架(例如,OWASP Top 10)。
  • 監控Web應用程式是否有安全漏洞或可疑活動。
  • 制定並實施事件回應計畫以及時解決安全事件。
  • 透過全面測試和驗證Web應用程式安全措施來驗證安全控制。
  • 進行安全審查和審計,以確保符合法規要求和行業標準。
  • 透過培訓課程和研討會提高開發團隊和利害關係人的安全意識。
  • 透過倡導最佳實踐和主動安全措施來培養安全文化。
  • 維護安全評估、調查結果和補救活動的準確記錄。
  • 準備並向管理階層和利害關係人提供有關安全漏洞、風險和緩解策略的詳細報告。
職位需要:
  • 電腦科學、資訊安全、網路安全或相關領域的學士學位。優先考慮高級學位或認證(例如 CISSP、CEH、OSCP)。
  • 至少在Web應用程式安全、滲透測試或相關角色方面擁有5-8 年的工作經驗。
  • 在Web應用程式中進行安全評估和實施安全控制方面擁有良好的記錄。
  • 深入了解 Web應用程式漏洞和利用技術(例如 SQL 注入、XSS、CSRF)。
  • 使用Burp Suite、OWASP ZAP、Nmap等安全測試工具的經驗。
  • 熟悉安全任務自動化的腳本語言(例如Python、Perl、Bash)者優先。
  • 強大的分析和解決問題的能力,注重細節。
  • 優秀的口頭和書面溝通技巧,能夠向技術和非技術受眾傳達複雜的安全問題。
  • 能夠在團隊環境中獨立工作和協作。
  • 了解網路安全法規、標準和最佳實務(例如 GDPR、PCI DSS、ISO 27001)。
  • 願意隨時了解新出現的威脅、漏洞和安全技術。
  • 致力於網路安全領域的持續學習和專業發展。
  • 如有需要,願意出差或被派遣到指定國家或項目地點。
其他福利:
  • 海外工作許可證將由雇主擔保
  • 醫療福利
Job Description:
  • Conduct thorough security assessments of web applications, identifying vulnerabilities and potential threats.
  • Perform manual and automated penetration testing to simulate attacks and assess system vulnerabilities.
  • Manage vulnerability scanning tools and processes to detect and remediate security weaknesses in web applications.
  • Prioritize and escalate critical vulnerabilities for immediate resolution.
  • Collaborate with development teams to integrate security controls into the design and architecture of web applications.
  • Provide guidance on secure coding practices and ensure adherence to security standards and frameworks (e.g., OWASP Top 10).
  • Monitor web applications for security breaches or suspicious activity.
  • Develop and implement incident response plans to address security incidents promptly.
  • Validate security controls through comprehensive testing and validation of web application security measures.
  • Conduct security reviews and audits to ensure compliance with regulatory requirements and industry standards.
  • Promote security awareness among development teams and stakeholders through training sessions and workshops.
  • Foster a culture of security by advocating best practices and proactive security measures.
  • Maintain accurate documentation of security assessments, findings, and remediation activities.
  • Prepare and present detailed reports on security vulnerabilities, risks, and mitigation strategies to management and stakeholders.
Job Requirement:
  • Bachelor’s degree in computer science, Information Security, Cybersecurity, or a related field. Advanced degrees or certifications (e.g., CISSP, CEH, OSCP) are preferred.
  • Minimum of 5-8 years of proven experience in web application security, penetration testing, or related roles.
  • Proven track record of conducting security assessments and implementing security controls in web applications.
  • Deep understanding of web application vulnerabilities and exploitation techniques (e.g., SQL injection, XSS, CSRF).
  • Experience with security testing tools such as Burp Suite, OWASP ZAP, Nmap, etc.
  • Familiarity with scripting languages (e.g., Python, Perl, Bash) for automation of security tasks is a plus.
  • Strong analytical and problem-solving skills with attention to detail.
  • Excellent communication skills, both verbal and written, with the ability to convey complex security issues to technical and non-technical audiences.
  • Ability to work independently and collaboratively in a team environment.
  • Knowledge of cybersecurity regulations, standards, and best practices (e.g., GDPR, PCI DSS, ISO 27001).
  • Willingness to stay updated with emerging threats, vulnerabilities, and security technologies.
  • Commitment to continuous learning and professional development in the field of cybersecurity.
  • Willing to travel or relocate to other countries or project location as assigned if required.
Other benefit: -
  • Overseas work permits will be sponsored by employer
  • Medical benefit
工作類型: 全職, 新鮮人
可以通勤/搬遷:
  • 台北市: 長期通勤,或願意以僱主提供的方案進行搬遷 (優先考慮)
教育程度:
  • 大學 (必填)
工作經驗:
  • WEB應用程式安全相關: 5 年 (優先考慮)
語言:
  • 英文 (必填)
  • 中文 (必填)
出差意願:
  • 75% (優先考慮)

Latest Job Opportunities


September 21, 2024

粉亮飾品專賣店
IONIC App 開發
View Details

September 21, 2024

NielsenIQ
Associate Director, Analytics

台北市

View Details

September 21, 2024

裕明玻璃有限公司
IONIC App 開發
View Details

September 21, 2024

國雲保全股份有限公司
IONIC App 開發
View Details

Similar Jobs


September 9, 2024

KLA
Regional Division Application Engineer

新竹市

OTHER

View Details

September 4, 2024

Applied Materials
Application Engineer III

新竹市

OTHER

View Details

January 4, 2024

IQVIA
Clinical Research Associate (for application use)

台北市

OTHER

View Details

July 11, 2024

onsemi
Director, Applications

台北市

OTHER

View Details

August 31, 2024

Synopsys
Applications Engineering, Staff Engineer(Nanotime/ ESP)

新竹市

View Details

August 18, 2024

Ansys
Senior Application Engineer - Fluids
View Details

New Jobs from This Company


September 19, 2024

Agensi Pekerjaan INTHO SDN BHD
IT部門經理 IT Department Manager (INT16072024-5)

台北市

OTHER

View Details

September 19, 2024

Agensi Pekerjaan INTHO SDN BHD
系統架構師 System Architect (INT16072024-7)

台北市

FULL TIME & OTHER

View Details

September 19, 2024

Agensi Pekerjaan INTHO SDN BHD
IT 技術總監 IT Director (INT15072024-4)

台北市

OTHER

View Details

September 19, 2024

Agensi Pekerjaan INTHO SDN BHD
高級網路安全工程師 Senior Network Safety Engineer (INT20082024-3)

台北市

OTHER & FULL TIME

View Details

September 18, 2024

Agensi Pekerjaan INTHO SDN BHD
電腦程式設計師 Computer Programmer (INT15072024-3 )

台北市

OTHER & FULL TIME

View Details