Coins6mo ago

Security Engineer （Penetration Testing-Red Team）

ShenzhenFull-time Employeemid

EngineeringSecurityOtherSecurity Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

Join the Pioneer Crypto Brand in the Philippines! Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users.

Technical Tools

EngineeringSecurityOtherSecurity Engineer

Join the Pioneer Crypto Brand in the Philippines!

Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.

Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

Conduct comprehensive penetration testing on company applications and systems, and organize regular attack-defense drills.

Test and bypass the defense technologies of the company's blue team to enhance the security protection level.

Research offensive and defensive technologies, track and analyze cutting-edge industry technologies, and introduce excellent security technologies and tools.

Participate in the construction of security capabilities, including detection rules, monitoring strategies, and intrusion traceability.

Build and drill countermeasures and TTPs (Tactics, Techniques, and Procedures) based on real threat intelligence and industry APT behavior models.

Possess more than 5 years of practical experience in attack and defense, and be able to independently complete penetration testing work.

Familiar with common internal network attack ideas and methods, have internal network penetration and domain penetration capabilities with successful cases.

Have practical experience in AWS cloud environment penetration, container and Kubernetes security attack and defense.

Familiar with Linux/Windows system principles, databases and related technologies, and proficient in command execution and privilege escalation techniques.

Familiar with mainstream Web frameworks and capable of code auditing and vulnerability mining (java/go/python).

Have practical experience in red and blue team exercises.

Be able to write scripts or tools for automated exploitation and basic tool development.