1. Job description
1. Vulnerability scanning of websites/APIs/servers using security tools, and manual identification of vulnerabilities that cannot be replicated with tools
2. Analysis of the exploited vulnerabilities and recommendations for fixes
3. Emergency response to web security incidents and recurrence of attack scenarios
2. Requirements
1. Proficiency in developing in at least 2 programming languages
2. Have your own set of tools and methods for pre-information gathering
3. Proficiency in using Burp Suite, nmap, sqlmap and other tools for vulnerability scanning and exploitation
4. Familiar with the HTTP protocol and the HTTP header section, and able to define it. Familiar with DNS protocols and able to use tools to analyze the DNS resolution process
5. Familiar with common web vulnerabilities, such as SQL injection, XSS attack, command injection, CSRF attack, upload vulnerability, parsing vulnerability, etc.
6. Familiarity with popular front-end development packages or frameworks is desirable, for example webpack, Vue.js, React.js, ant, gulp, etc.
7. Experience in full-stack web development or DevOps is preferred
8. Experience with static reverse engineering, dynamic debugging and in-depth knowledge of PE structures is preferred
9. Deep experience in Windows domain penetration is preferred
3. Benefits
Salary: 8,000-30,000$/month
Government mandated benefits such as SSS, PAGIBIG, TIN, and PhilHealth, 13th month pay, Service Incentive leaves
Monthly KPI Bonus (upon regularization)
Attendance Bonus (even during probation)
Service Tenure Award (Terms and conditions apply)
Free Meals; free accommodation
4. Interview process
2 rounds
5. Notes & Application
Industry: Blockchain & Gaming
Working time: 10:00 – 19:00 Beijing time zone, 6 days/week