Security Research Engineer, Cymetrics - OneDegree None Bookmark Share Print 188 0 0

Listing Description

Cymetrics is one of the few manufacturers in Taiwan that has its own proprietary cybersecurity tools. The team is made up of experts in cyber risk management and penetrating testing, with experience in government as well as in the financial and telecommunications sectors. Not only do we carry out red team penetration testing and vulnerability scanning, but we also develop our own cybersecurity SaaS products. Many of our long-term clients are well-known major companies across various industries. Moreover, we are a team that consistently steps out of our comfort zone, researching the latest topics, such as Web3 cybersecurity. As an intern at Cymetrics, you will have the opportunity to participate in the development of our cybersecurity tools, enhance the functionality of our cybersecurity platform, or collaborate with other team members on penetration testing or research on open-source projects.

Our organizational culture is flat, valuing the opinions of every member. If you're interested in the cybersecurity industry, come join us!


 


Cymetrics 是台灣少數擁有自己專有網絡安全工具的製造商之一。 該團隊由網絡風險管理和滲透測試方面的專家組成,擁有政府、金融和電信領域的經驗。 我們不僅進行紅隊滲透測試和漏洞掃描,還開發自己的網絡安全SaaS產品。 我們的許多長期客戶都是各行業的知名大公司。 此外,我們是一支不斷走出舒適區的團隊,研究最新的主題,例如 Web3 網絡安全。 作為 Cymetrics 的實習生,您將有機會參與我們網絡安全工具的開發,增強我們網絡安全平台的功能,或與其他團隊成員協作進行滲透測試或開源項目研究。

我們的組織文化是扁平化的,重視每一位成員的意見。 如果您對網絡安全行業感興趣,歡迎加入我們!


Know more about Cymetrics: https://cymetrics.io/zh-tw/


 


Responsibilities



  • Plan and execute penetration tests, assisting clients in identifying vulnerabilities and implementing improvements.

  • Develop automated cybersecurity tools to automatically detect vulnerabilities in websites/systems.

  • Collaborate with PMs, designers, and front-end and back-end engineers to enhance cybersecurity products and platforms.

  • Research vulnerabilities in websites or open-source projects and publish the findings in articles.

  • Information security vulnerability incident investigation and research.

  • Assist in the troubleshooting and resolution of information security product errors.

  • Assist with other operational matters.


  • 規劃和執行滲透測試,協助客戶識別漏洞並實施改進。

  • 開發自動化網絡安全工具來自動檢測網站/系統中的漏洞。

  • 與產品經理、設計師、前後端工程師合作,增強網絡安全產品和平台。

  • 研究網站或開源項目中的漏洞並以文章形式發布研究結果。

  • 信息安全漏洞事件調查研究。

  • 協助排查和解決信息安全產品錯誤。

  • 協助處理其他業務事宜。



Requirements



  • 1+ years of work experience in a software company.

  • Interest and enthusiasm for information security.

  • Clear thinker and creative problem-solver, able to glean insights, develop a vision, and bring it to life with actionable plans.

  • Ability to thrive in an environment of rapid change, moving targets, limited resources, high intensity, and cross-functional dependencies.

  • Ability to prioritize tasks when faced with multiple deadlines and operate under tight deadlines.

  • Ability to work independently and autonomously, while maintaining a team-oriented attitude.

  • Exceptional organizational skills and attention to detail.

  • Good communication skills and teamwork.

  • Have a basic understanding of Linux and command-line operations.

  • Basic understanding of any Script Language.

  • Basic understanding of network principles TCP and firewalls.

  • 1年以上的軟體公司工作經驗。

  • 對資訊安全的興趣和熱情。

  • 清晰的思考者和創造性的問題解決者,能夠收集見解,制定願景,並通過可行的計劃將其變為現實。

  • 能夠在快速變化、目標變化、資源有限、高強度和跨職能依賴性的環境中蓬勃發展。

  • 能夠在面臨多個截止日期時確定任務的優先順序並在緊迫的截止日期內進行操作。

  • 能夠獨立自主地工作,同時保持團隊合作的態度。

  • 良好的組織能力和對細節的關注。

  • 良好的溝通能力和團隊合作精神。

  • 對 Linux 和命令行操作有基本的了解。

  • 對任何程式語言有基本的了解。

  • 基本了解網絡原理 TCP 和防火牆。


Plus



  • Experienced with bug bounty or participating in CTF

  • Have written technical articles related to information security (vulnerability research, CTF writeup, etc.)

  • With security-related certificates, such as CEH, OSCP or GWAPT, etc.

  • 有打過 bug bounty 或是參加過 CTF 的經驗

  • 有寫過資安相關之技術文章(漏洞研究、CTF writeup 等等)

  • 有資安相關證照,例如 CEH、OSCP 或是 GWAPT 等等


 


公司福利


好好工作,好好休息 (正職員工適用)



  • 加入第一天即享有年假,首年 15 天年假(依照入職比例發)

  • 每年全薪病假 5 天、全薪生理假 3 天


一起成長,持續精進 



  • 參加 conference、外部訓練都有補助 (正職員工適用)

  • 證照補助 (正職員工適用)

  • 前、後端技術分享社團、產品與管理職能讀書會


努力工作,我們也用力生活 



  • 健康檢查補助 (正職員工適用)

  • 社團補助 - 各種運動社團、桌遊社、電玩社、這週要幹嘛社

  • 定期補充的零食以及飲料櫃、義式咖啡機、氣泡水機

  • 舒適的開放式工作環境,距離捷運台北101站 5分鐘路程


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765