資安工程師｜Information Security Engineer - JKOPAY 街口電子支付股份有限公司｜Meet.jobs

【THE ROLE & THE TEAM】
As part of the Information Security Team at JKOPay, You will design and implement the architecture of information security and facilities, to provide a stable and regulation-compliant environment , to ensure JKOPay's growth. You will identify security issues and design countermeasures, to contribute to the security and privacy of our 6+ million customers.

【WHY YOU SHOULD BE INTERESTED】
-Define and advocate JKOPay's security principles and a security mindset in the teams.
-Enable a secure system that tailors for business and software development.
-Regularly audit and propose informed solutions to fix security problems and drive them.

【WE'D LOVE TO MEET YOU IF】
-You have good communication skills, an open-minded approach to problem-solving, and a collaborative spirit, coupled with the flexibility to adapt to changing priorities and diverse team dynamics.
-You know how to explain the complex nature of information security, to make JKOPay's products and measure compliance with the regulations.
-You will be more Blue Team focused, with Red Team experience being a plus. You'll also get to play a key role in shaping our security policies and procedures.
-You are familiar with information security standards (ISO 27001, PCI-DSS etc.) Experience in CVE reporting or have relevant certification in information security (such as OSCP, ECSA, CEH, SSCP, ECIH, CCSP, CHFI) is a plus.
-You are familiar with various information-security products and processes, including penetration testing, vulnerability risk assessment, security risk identification and propose improvement plans.
-You are capable of collaborating in the secure software development process (such as security requirements, software architecture review, vulnerability consulting, etc.)
-You have experience with automation of security controls, and have practical knowledge of shell and one more programming language (Python, Ruby, Golang, etc.)
-You have strong knowledge in networking, experienced in at one or more; AWS, GCP, Azure or on-premise datacenter.
-You have experience with implementing and managing HIDS/NIDS, FIM, SIEM solutions is a plus.
-You have experience with network device operation is a plus. (Cisco, Juniper, Palo Alto, F5, etc.)