We are looking for a capable Security Engineer, who enjoys security work and possesses both deep and wide expertise in the security space.
In this role, you will Engineer, implement and monitor security measures for the protection of our computer systems, applications and infrastructure, such as, WAF, DDoS, DNS, Networking, VPN, and etc.
● Work directly with the project teams to facilitate building secure workflows, processes, systems, and services.
● Develop best practices and security standards for the organization.
● Understand software, infrastructure and internet needs and adjust them according to the business environment.
● Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
● Ensure the organization knows as much as possible, as quickly as possible about security incidents.
● Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
● Find cost-effective solutions to cybersecurity problems.
● Conduct the internal/external security test/audit on our service, application, and infrastructure.
● Assist fellow employees with cybersecurity, software, hardware or Infra. needs
● Ability to discover and identify SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
● Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP.
● Knowledge of browser-based security controls such as CSP, HSTS, XFO.
● Experience with standard web application security tools. i.e.: Arachni, BurpSuite … etc.
Skills and Qualifications Requirements
● 3+ years' experience of working as a Security Engineer or other relevant position.
● Basic coding skills, such as HTML, CSS, shell script, python and other languages.
● In-depth knowledge of database and operating system security.
● An understanding of best practices and how to implement them at a business-wide level.
● Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
● Hands-on experience in network security and networking technologies and with system٫ security, and network monitoring tools, etc.
● Ability to prioritize projects.
● English proficiency (read, write and speak)
● Comfortable working in a fast-paced environment.
● Excellent communication skills and able to think through.
● Critical thinking skills and the ability to solve problems as they arise.
● CyberSecurity certifications such as CISSP, CISA/CISM, CompTIA Security+, CEH, or GSEC will be plus.
● Certifications such as PMP, ISO 27001 LA will be plus.
OpenNet is one of the best companies to work for in Taiwan; we offer a dynamic and rewarding environment for high-achievers looking to work and learn alongside like-minded individuals. We are currently in a period of rapid growth as we expand to make our technology available in over 20 countries.
We believe our employees are the company’s most valuable asset and are invested in seeing our employees grow in their careers and strike a work-life balance. We do our best to attract top talent and create a great workplace where people feel engaged, inspired, challenged, and respected.
If you are forward-thinking, passionate about technology, enjoy a fast-paced work environment and are looking for a rewarding career, then we want you on the team.
What you can expect from working at OpenNet?
1. Interesting and engaging work
2. Incredibly talented co-workers
3. Collaborative and flexible workplace
4. World-class benefits package