系统安全专家职位描述模板
系统安全 professionals are 专家s on preventing and mitigating security breaches that may arise from vulnerabilities in computer systems. 这个领域涵盖了一系列的专业领域, 包括资讯保安, 网络安全, 移动安全. 系统安全 professionals must “think like a hacker” in order to anticipate the main vectors of likely attack by malicious outsiders. 他们应该对最微小的细节有敏锐的眼光, plus a well-rounded and in-depth knowledge of computer systems and the the tools of the trade.
系统安全 professionals are 专家s on preventing and mitigating security breaches that may arise from vulnerabilities in computer systems. 这个领域涵盖了一系列的专业领域, 包括资讯保安, 网络安全, 移动安全. 系统安全 professionals must “think like a hacker” in order to anticipate the main vectors of likely attack by malicious outsiders. 他们应该对最微小的细节有敏锐的眼光, plus a well-rounded and in-depth knowledge of computer systems and the the tools of the trade.
There is a shortage of formal training available to those who wish to go into the security field. While a formal education in computer systems is desirable, many of the best security 专家s are self-taught hobbyists when it comes to their familiarity with “hacking” and the techniques and vulnerabilities exploited by attackers. 自 your security 专家 will be intimately aware of all of your system’s weakest points, 你能否信任他或她是至关重要的.
This article provides a sample 系统安全 Expert job description that will help you write the perfect job ad, and ensure that you find and hire the person that matches your specific criteria.
系统安全 Expert - 工作描述 and Ad Template
复制此模板,并将其修改为自己的模板:
公司介绍
{{Write a short and catchy paragraph about your company. Provide information about the company’s culture, perks, and benefits. 提及办公时间, 远程工作的可能性, 以及任何让你的公司有趣的东西.}}
工作描述
We are looking for a Systems 安全 Expert with emphasis on {{WLAN/网络/web应用/渗透测试}}. You must be passionate about security and staying ahead of all possible threats to the system. You will be working with our development team to ensure that our network and technology stack is watertight. You will become thoroughly familiar with our architecture, helping to direct its development. You will provide regular reports of potential vulnerabilities and risk profiles. Good communication skills are critical to efficiently coordinate with our team and build a secure end product.
责任
- Actively look for security vulnerabilities in our application and network, 报告问题并描述可能的解决方案.
- 设计和维护我们的安全基础设施.
- 了解最新的安全新闻, keeping an eye out for the latest vulnerabilities and remedies emerging in the field.
- Actively liaise with the development team to ensure a secure architecture.
- Actively liaise with the development team to ensure thorough automated testing of all source code (e.g.(通过测试驱动开发).
- Provide regular reports auditing our current services and latest changes, 以及我们的内部实践.
- Monitor our server traffic, ticketing and reporting unusual packets.
- {{在此处添加其他相关职责.}}
技能与资历
- {{Relevant education in 计算机科学 or Computer 工程.}}
- {{CCNA、OWSE等相关认证.}}
- Thorough understanding of potential attack vectors such as XSS, 注射, 劫持, 社会工程, 等等.......
- Thorough understanding of cryptographic primitives and their underlying principles.
- 熟练掌握 {{您的应用程序环境}} 然后是命令行.
- Thorough understanding of networking protocols, such as TCP/IP.
- Thorough understanding of HTTP and HTTPS, as well as their underlying implementations.
- Thorough understanding of Content Delivery Networks and their integration into applications.
- Basic programming proficiency, sufficient to write and execute scripts from the command line.
- 活跃于安全社区. 定期参加聚会或会议.
- Contributes to open source projects, or creates purpose built tools for security work.
- 对敏捷开发过程的理解.
- 优秀的沟通能力. Ability to translate complex ideas into simple solutions on paper.
- {{Include any framework, library, or any other technology related to your development stack.}}
Toptal Engineers最近的系统安全文章
找到合适的系统安全面试问题
Read a list of great community-driven 系统安全 interview questions.
阅读它们,评论它们,甚至贡献你自己的.
现在就雇佣一名顶级系统安全开发人员
Toptal is a marketplace for top system security developers, 工程师, 程序员, 程序员, 架构师, 和顾问. Top companies and startups choose Toptal system security freelancers for their mission critical software projects.
查看他们的个人资料
马克Castagneri
马克是一名风险评估员, 项目经理, 安全运营工程师, and architect with over 10 years of experience implementing risk reduction initiatives. He has a deep understanding of various security frameworks and tools. 马克成功地制定了预算, 以反应为路线图, and project plans and has led multidisciplinary teams to effectively reduce risks and demonstrate compliance with standards, 经第三方审计师确认.
显示更多
约翰·姆布西亚,硕士.Sc.CISSP,
John has 17+ years of experience 管理 all aspects of IT and 网络安全 for Fortune 500 organizations and small operations. His 专家ise includes risk mitigation through balanced processes and controls, BCM, GRC, 我, 安全操作, 第三方风险, 社交媒体品牌保护, 培训和意识, 物理安全控制, 事件响应桌面练习, 漏洞管理. John has consistently created compliant environments safe from emerging threats.
显示更多
伊莱亚斯迪亚布
伊莱亚斯是个非常敬业的人, 技术, 战略信息安全, 网络安全, 风险管理官员, 执行, 顾问, 顾问, 专家, 和专业. 拥有超过30年的全球经验, 他擅长建筑。, 管理, and maintaining information security and 网络安全 programs designed to protect your organization's systems and assets from internal and external threats and help organizations achieve their regulatory compliance requirements.
显示更多Discover More 系统安全 开发人员 in the Toptal Network
开始招聘Toptal连接 排名前3% 世界各地的自由职业人才.