大家都知道,2023年不管是对于国内还是国外的互联网公司都是不容易的一年,对于我们Shopee安全团队来说也是充满挑战和机遇的一年——我们仍在不停地成长。
这个月我们新增加了几个与安全运营、漏洞攻防相关的岗位,面向全球安全从业者开放申请。
这几个岗位的工作地点都在新加坡,我们可以提供:
- 为海外员工提供安置费用(Relocation Package)
- 超多的假期(18天年假,14天带薪病假,46天的住院假,育儿假、产假、陪产假等)
- 贴心的医疗保障(涵盖本人、配偶和子女的新加坡医疗保险,可实现门诊全免费,每年定期年度体检)
- 优越的工作环境(健身房、按摩室、桌球、零食间、育儿室、午休睡眠舱)
- 大量公司折扣(新生儿礼包、通讯折扣、景点免费入场券)等
更多关于我们Team和新加坡这个国家本身的一些说明介绍,可以参考我2021年的文章:新加坡著名电商公司Shopee(虾皮购物)安全团队招聘
这次我们招聘的相关岗位JD如下。
✅ 安全运营专家 / Security Operations Expert
中文描述
职责
- 驱动公司安全风险治理项目和漏洞问题修复,深入了解网络架构、基础运维、内网核心系统和全局配置等方面的高危风险点,并为资产所有者提供具体可行的安全指导,加速安全风险的修复过程
- 持续改进内部安全检测体系,主动分析内部事件和威胁情报数据,不断补充和更新告警规则,以确保有效的安全监测和威胁检测
- 响应安全事件和检测警报,通过深入的根本原因分析,包括主动发现和外部报告的问题,与其他团队合作评估其对业务的影响,并采取适当的应对措施
要求
- 具备5年以上的事件响应、系统安全、网络监控、漏洞管理或其他相关领域经验
- 熟悉安全工程的最佳实践,包括网络安全、安全运营、系统安全和事件响应
- 在入侵检测、欺骗检测、数字取证、恶意软件分析、威胁跟踪等方面拥有专业技术深度
- 具备安全漏洞的识别和修复技能,了解攻击者的常见技术手段和安全防护措施
- 熟悉常用的安全监控、日志分析和取证工具,能够有效应用于安全事件的调查和分析
- 精通至少一种脚本语言,如Python、Perl、Bash,在自动化安全任务和工具开发方面有经验
加分项
- 具备中大型互联网企业安全事件响应团队(SIRT)的工作经验,参与过政府组织或公司内部的攻防演练,具备防守方实践经验
英文描述
Responsibilities
- Driving company-wide security risk governance projects and vulnerability remediation efforts. Need to deeply understand high-risk areas such as network architecture, infrastructure operations, internal core systems, and global configurations. You will provide specific and actionable security guidance to asset owners, expediting the process of security risk remediation.
- Continuously improving the internal security detection system by actively analyzing internal incidents and threat intelligence data. You will consistently update and enhance alarm rules to ensure effective security monitoring and threat detection.
- Responding to security incidents and detection alerts by conducting in-depth root cause analysis. This includes proactively identifying and investigating issues, as well as collaborating with other teams to assess their impact on the business and implementing appropriate response measures.
Requirements
- Bachelor's degree in Computer Science, Information Security, or a related field.
- More than 5 years of experience in incident response, system security, network monitoring, vulnerability management, or related fields.
- Familiarity with best practices in security engineering, including network security, security operations, system security, and incident response.
- Proficiency in specialized technical areas such as intrusion detection, deception detection, digital forensics, malware analysis, and threat tracking.
- Ability to identify and remediate security vulnerabilities, and knowledge of common techniques used by attackers and security defense measures.
- Familiarity with commonly used security monitoring, log analysis, and forensic tools, and the ability to effectively apply them in the investigation and analysis of security events.
- Proficiency in at least one scripting language, such as Python, Perl, or Bash, with experience in automating security tasks and tool development.
Bonus
- Experience working in a large-scale internet enterprise's Security Incident Response Team (SIRT), participating in government or internal company red team/blue team exercises, and practical experience in defensive strategies.
- Fluent English communication skills for effective collaboration with multinational teams.
✅ 攻防漏洞专家(二进制方向) / Red Team Expert (Binary)
中文描述
职责
- 设计和开发红队定制的远程控制程序并确保可以绕过端点防护,例如Crowdstrike/Windows Defender/360安全卫士等
- 对常见的EDR和杀毒软件进行逆向分析,绕过Crowdstrike/Trend Micro/Windows Defender/HIDS等防护
- 研究Windows、MacOS、Linux等常见操作系统下的持久化方案
- 在IDC网络、办公环境、云等不同场景中进行红队参与,以模仿APT对手仿真
要求
- 丰富的RAT(Remote Access Tool)开发经验,能够定制类似Cobalt Strike的攻击框架
- 丰富的主机防护免杀经验,能够提供绕过CrowdStrike、Windows Defender、360安全卫士等EDR检测的解决方案
- 对Windows、MacOS、Linux等常见操作系统下的持久化解决方案有丰富的经验
- 深入了解Windows/Linux系统的安全机制,熟悉ring0/ring3中的攻击技术
- 强大的开发技能(例如:C/C++、Go、PowerShell、Javascript、ASM 等)
- 较强的逆向工程能力;熟悉IDA Pro、OllyDBG、WinDBG、GDB等工具
- 良好的沟通能力和有效的团队合作精神,具有良好的职业道德
加分项
- 有渗透测试和红队经验,熟悉 ATT&CK 框架中的杀伤链(例如:外网打点,内网横移,域渗透)
- 获得过bug bounty赏金、CVE、安全会议speaker、Github 明星作者等
英文描述
Job Description
- Research area: reverse analysis and security development
- Design and develop the red team's customized remote control program and ensure that the endpoint protection can be bypassed, such as Crowdstrike/ Windows Defender/360 Safeguard.
- Reverse analysis of common EDR and antivirus software to bypass the protection such as Crowdstrike/ Trend Micro/ Windows Defender / HIDS.
- Research the persistence solution under common operating systems such as Windows, MacOS and Linux.
- Conduct the red team engagement in different scenarios such as IDC network, office environment, cloud to mimic the APT adversary emulation.
Requirements
- Bachelor degree in Computer Science, Engineering or related fields
- More than 5 years of relevant work experience
- Extensive experience in RAT(Remote Access Tool) developing, able to customize the attack framework like cobalt strike.
- Extensive experience in anti-endpoint protection, able to provide the solution to bypass the detection of EDR such as CrowdStrike, Windows Defender, 360 Safeguard.
- Extensive experience in the persistence solution under common operating systems such as Windows, MacOS and Linux.
- In-depth understanding of the security mechanism of the Windows/Linux system, familiar with the offensive techniques in ring0/ring3.
- Strong scripting/development skills (for example: C/C++, Go, PowerShell, Javascript, ASM, etc.)
- Strong reverse engineering skills; familiarity with tools such as IDA Pro, OllyDBG, WinDBG, GDB,etc.
- Good communication skills and effective teamwork spirit, with good professional ethics
- Self-starting and fast learning ability
Bonus
- Experience in spear phishing and social engineering tactics.
- Experience in pentesting and red teaming, familiarity with kill chains in ATT&CK Framework (for example: initial access, Windows AD testing, lateral movement).
- Tracking records of bug bounty awards, CVEs, public security articles, security conference speakers, Github star authors, etc.
- Experience in performing APT offensive and defensive
✅ 攻防漏洞专家(漏洞方向) / Red Team Expert (Vulnerability)
中文描述
职位描述
- 主要关注不同IT场景下未被发现的漏洞(0day)的研究,例如
- 终端管理(Vmware WorkSpace One/IPMI)
- 在IDC网络、办公环境、云端等不同场景进行红队参与,模仿APT对手仿真
职位要求
- 拥有丰富的基础设施漏洞PoC独立编写经验。例如,根据已知的PoC或漏洞描述,编写出稳定触发的漏洞利用代码
- 对常见漏洞类别(例如缓冲区溢出、命令注入和不安全反序列化)拥有丰富的经验
- 深入理解现代安全缓解措施以及如何绕过它们(例如堆栈 cookie、SafeSEH、DEP、ASLR、CFG 等)
- 深入理解Windows/Linux系统的安全机制,熟悉ring0/ring3中的攻击技术
- 具备较强的漏洞分析、模糊测试、逆向工程和/或高级exploitation技巧;熟悉IDA Pro、OllyDBG、WinDBG、GDB、Burp Suite等工具
- 使用 Python、Go 或 Java 的经验。开发能力对于理解和扩展漏洞利用技术非常重要
- 良好的沟通能力和有效的团队合作精神,具有良好的职业道德
加分项
- 有渗透测试和红队经验,熟悉 ATT&CK 框架中的杀伤链(例如:外网打点,内网横移,域渗透)。
- 获得过bug bounty赏金、CVE、安全会议speaker、Github 明星作者等。
英文描述
Job Description
- Research area: vulnerability
- Main focus is on the research of undiscovered vulnerabilities (0 day) in different IT scenarios, such as
- Operating System(win/linux)
- Cloud native (k8s/docker)
- Network Device (route/switch/fw/vpn)
- Endpoint Management(Vmware workspace space one/IPMI)
- Deliver the exploit code and plugins of the vulnerabilities
- Conduct the red team engagement in different scenarios such as IDC network, office environment, cloud to mimic the APT adversary emulation.
Requirements
- Bachelor degree in Computer Science, Engineering or related fields
- More than 5 years of relevant work experience
- Extensive experience writing standalone PoCs of infrastructure vulnerability.For example, based on known PoC or vulnerability descriptions, writing the stably triggered exploit codes.
- Extensive experience with common vulnerability classes such as buffer overflows, command injection, and insecure deserialization.
- In-depth understanding of modern security mitigations and how to bypass them (e.g., stack cookies, SafeSEH, DEP, ASLR, CFG, and so on).
- In-depth understanding of the security mechanism of the Windows/Linux system, familiar with the offensive techniques in ring0/ring3.
- Strong skills in vuln analysis, fuzzing, reverse engineering, and/or advanced exploitation techniques; familiarity with tools such as IDA Pro, OllyDBG, WinDBG, GDB, Burp Suite, etc.
- Experience with Python, Go or Java. The developing capability is important to be able to understand and extend the exploit techniques.
- Good communication skills and effective teamwork spirit, with good professional ethics
- Self-starting and fast learning ability
Bonus
- Experience in pentesting and red teaming, familiarity with kill chains in ATT&CK Framework (for example: initial access, Windows AD testing, lateral movement).
- Tracking records of bug bounty awards, CVEs, public security articles, security conference speakers, Github star authors, etc.
- Experience in performing APT offensive and defensive
感兴趣的同学,可以在公众号后台联系我,或者直接将简历发送至我的邮箱:[email protected]