Security Engineer/ Penetration Tester
- OSCP (or equivalent, such as CREST) would be an advantage. In today's heavily regulated industry, certifications serve as additional proof of our team's expertise. As evidence, our application security/DevSecOps team alone has nearly 100 certifications.
- Have a deep understanding of application security frameworks such as OWASP Top 10 and possess a strong sense of security with regards to business and financial logic flaws.
- At least 2 years of experience in Web API testing, master BurpSuite like a professional and easily identify any dubious request or response parameters through sheer intuition.
- Preferable: efficiently handling concerns regarding application security by effectively communicating with the development and product teams
- Optional: Hands on experience on Mobile App testing, a good understanding of Jailbreaking/Rooting a device, API hooking, reverse engineering, de-obfuscation
- Proficiency in both spoken and written English. Being able to speak Mandarin will be an advantage
- Willing to learn, energetic, adapt to changes. Have a positive attitude towards cryptocurrency