工作职责

1. Penetration Testing | 渗透测试

• Conduct penetration tests on company systems, applications, and networks using various approaches (black-box, gray-box, white-box).
• 负责公司系统、应用和网络的渗透测试，包括黑盒、灰盒、白盒等多种测试形式。

1. Test Planning & Reporting | 测试方案及报告

• Develop penetration testing plans, execute testing tasks, and produce vulnerability analysis reports.
• 编写渗透测试方案，执行测试任务并输出漏洞分析报告。

1. Remediation Follow-up | 漏洞跟踪

• Track the progress of vulnerability fixes and assist technical teams in implementing remediation recommendations.
• 跟踪漏洞修复进展，协助相关技术团队落实修复建议。

1. Security Assessments | 安全评估与加固

• Conduct periodic security assessments and hardening of core systems to ensure stable and secure operations.
• 定期开展安全评估和安全加固工作，确保核心系统安全稳定。

1. Research & Simulation | 攻防研究与模拟

• Research network attack and defense techniques, analyze and simulate the latest attack methods to enhance team capabilities.
• 研究网络攻防技术，分析并模拟最新攻击手法，提升团队技术能力。

1. Incident Response & Compliance | 应急响应与安全合规

• Participate in incident response, ensure security compliance, and support external audits as required.
• 参与应急响应、安全合规和外部审计等工作。

岗位要求

1. Education | 学历要求

• Bachelor's degree or above in Computer Science, Information Security, or related fields.
• 计算机、信息安全或相关专业本科及以上学历。

1. Experience | 工作经验

• At least 2 years of penetration testing experience.
• 2年及以上网络渗透测试经验。

1. Technical Skills | 技术技能

• Proficient with common penetration testing tools (e.g., Burp Suite, Nmap, Metasploit, Kali Linux, etc.).
• 熟练掌握常用测试工具（如Burp Suite、Nmap、Metasploit、Kali Linux等）。
• Familiar with vulnerability standards and security guidelines such as OWASP Top 10, CVE, CWE.
• 熟悉OWASP Top 10、CVE、CWE等漏洞标准与安全规范。
• Experience in writing penetration testing reports and remediation recommendations.
• 有编写渗透测试报告、修复建议文档经验。
• Proficient in at least one scripting language (Python, Go, Bash, etc.).
• 熟悉Python、Go、Bash等至少一门脚本语言。

优先条件

• Possession of security certifications (e.g., OSCP, CEH, CISSP) is preferred.
• 有OSCP、CEH、CISSP等安全相关证书者优先。
• Prior experience with working in Japan or the ability to obtain a Japanese work visa is preferred.
• 有日本工作签证或可办理者优先。
• Proficiency in reading and writing Japanese is a plus.
• 具备日语读写能力者优先；无日语能力但技术能力突出者亦可考虑。