Company Background: Our client is an IT firm dedicated to the fintech sector, founded in January 2018 and headquartered in the prestigious Hong Kong Science Park. The company specializes in developing innovative solutions for fintech and cybersecurity, offering products such as transaction matching engines, risk control engines, account settlement systems, arbitrage systems, structured products management systems, and algorithmic trading engines

Job Responsibilities:

1. Cloud Infrastructure Security: Participate in the construction of cloud infrastructure security, including network architecture design, access control, intrusion detection, and defense mechanisms.
2. Security Architecture Design: Design and develop network security architectures, deployment standards, and solutions, and ensure their implementation.
3. Risk Assessment: Conduct regular security risk assessments, analyze current system vulnerabilities, and propose improvement suggestions.
4. Security Operations: Engage in daily risk assessments, security operations, security inspections, and incident response activities.
5. Training and Awareness: Provide technical training on information security to internal personnel and promote information security awareness.

Job Requirements:
1. Qualifications: Degree in computer science or a related field, with over 3 years of relevant security technology experience.
2. Cloud Services and Security Systems: Familiar with common cloud services and security systems (e.g., AWS, Ali Cloud, Kubernetes, WAF, NGFW, SIEM, SOAR).
3. Vulnerability Management: Proficient in the principles, exploitation methods, and solutions for common web and system security vulnerabilities.
4. Programming Skills: Proficient in at least one mainstream programming language (e.g., Go, Python, JavaScript), capable of writing automation scripts, and possessing data analysis skills. DevOps experience is a plus.
5. Preferred Qualifications: CTF participants, top white hat hackers, high-quality CVE vulnerability authors, open-source project maintainers, technical bloggers, and conference speakers are preferred.
6. Passion and Responsibility: Passionate about information security, responsible, creative, with excellent communication skills and a strong sense of teamwork.