about the company.
- Multinational enterprises (Fortune 500) are leading the world in intelligent manufacturing and other fields. Greater China has stable business growth and technological innovation investment.
about the team.
- Team members are from well-known MNC and head Internet companies
- Team culture is harmonious, communication style is open and direct, and work&life balance is advocated
- The team attaches importance to work innovation and teamwork, with high stab
about the job.
- Co-work with and thus support software development teams
- Define and maintain technology roadmap for software products and align with product manager and development team
- Performs threat modeling and security design in software product development processes
- Translate secure software design principles into practical goals and action and see to their completion in an auditable way
- Act as key developer and owner of highly reusable and exceptionally reliable fundamental software components
- Work with project teams to provide software consultations to customers and other stakeholders
skills and experience required.
- 8+ years of experience in software design, development, and project management
- Capable of concept defining and conceptual thinking within given context
- Deep understanding of Secure Software Design Principles, including Economy of mechanism, Fail-safe defaults, Complete mediation, Open design, Separation of privilege, Least privilege, Least common mechanism, Psychological acceptability, Work factor, Compromise recording, etc.
- Strong experience with hands-on skills in .NET core and Java technologies
- Solid knowledge of product security / cyber security with hands-on experience in security requirements, threat modeling, secure software architecture & design, and secure software implementation
- Competent experience in systems management including Windows, Linux, virtual machines, containers and Kubernetes, and shell (PowerShell & bash/ash) scripts
- Experience in open-source technologies, e.g., Nginx, Kafka, Keycloak, PostgreSQL, swagger, etc.
- Holistic understanding of software, hardware, network, and databases which thus drives system diagnosis and problem-solving
- Good learning and communication skills of technical concepts and architectural design to top management
- English as a working language, proficient in document reading and writing, fluent in verbal communications
- ISC2 CSSLP is a significant plus
