About our client
Our Client is a technology company operating a range of content platforms that inform, educate, entertain and inspire people across languages, cultures, and geographies. Dedicated to building global platforms of creation and interaction, They now has a portfolio of applications available in over 150 markets and 75 languages.
About the role
Global e-commerce is content e-commerce business with international short video product as the carrier. It is committed to becoming the first choice for users to discover and purchase good products with affordable prices. Global e-commerce business team hopes to provide users with more tailored, active and efficient consumption experience, enabling merchants to receive stable and reliable platform services in different scenarios such as live e-commerce, short video content e-commerce, so as to make more affordable and high-quality products sell easily and a better life within reach.
E-Commerce’s Governance and Experience is a global team responsible for ensuring a safe and trustworthy marketplace for not only our buyers, but also our sellers and creators. We constantly work on areas such as risk detection abilities, fairness and sustainability of the E-Commerce ecosystem, content and commodity quality, friction-free experiences to drive improvement.
Partner with cyber security and business partners lines of business across the Global E-Commerce to gather information to facilitate and complete threat models.
Understand and safely use various open-source penetration testing tools and when appropriate, emulating hacker tactics, techniques, procedures.
Respond to security violations, potential vulnerabilities, and alerts from detection systems.
Stay up to date on zero day exploits for tech stacks we use.
Communicate with stakeholders (technical and non-technical), both verbal and written.
Skills & Experience
Bachelor’s degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work or military experience in a related field).
5 years of Experience with information security applications and Cloud Security.
Skilled with conducting information security investigations and remediations.
Experience with assessing APT threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, attack surface comprehension, Cyber Threat Emulation operations and research, identification, and/or verification of new APT TTP.
Solid understanding of common web app vulnerabilities, exploitation techniques, and remediation options.
Must be detail-oriented and possess strong problem-solving skills and ability to analyze for potential future issue.