- Jobs
ResumeCreate your job-winning resume using our free resume builder.
PortfolioShowcase your skills and projects with a professional portfolio.ResumeCreate your job-winning resume using our free resume builder.Resume BuilderMake a resume for free.Resume TemplatesAccess our extensive library of professional & ready-to-use templates.Resume ExamplesGet inspired by real resume examples to create your own.Occupation GuideAccess resume writing guides tailored for different professions.Resume HelpGet expert advice on all things resume from our team of recruitment specialists.- ResourcesSuccess StoriesBusiness ExcellenceAbout CakeResumeFeatured Reads
- Hire
- Download our App
CakeResume Talent Search
Advanced filters
On
4-6 years
6-10 years
10-15 years
More than 15 years
Employed
・
Ready to interview
Full-time / Interested in working remotely
6-10 years
元智大學
・
資訊工程學系
Past
Systems Engineer (Maintenance & Security) @Alliance Healthcare Group2022 ~ 2023
・
IT Administrator, IT Analyst, Cyber security, System & Network Administrator
Within one month
Myanmar) 二月二月 2018 Design and Implement Network and Hyper-V Replication Servers Implementing Routing, Firewalls, GlusterFS, iSCSI, LVM, DNS, Microsoft Exchange and IIS Setting up Rsync, Rsyslog, Samba, Windows AD, FSRM, DFS services Network security monitoring and setup (firewalls, logs monitoring) Supporting End User, data backup, and restore Project coordination, inventory control, documentation 學歷NCC Education, UK Level 4 Diploma in ComputingMyanmar Maritime University B.Sc (Hons) Nautical Science 專業認證 • eLearnSecurity Web Application Penetration Tester (eWPT) • CompTIA Certified Cybersecurity Analyst (CySA+) • Cisco Certified Network Professional (CCNP – Security) • Qualys...
Unemployed
・
Ready to interview
Full-time / Interested in working remotely
6-10 years
NCC Education, UK
・
Cyber SecurityEmployed
・
Ready to interview
Full-time / Interested in working remotely
10-15 years
立德大學
・
資訊工程
Past
Senior Test programmer @Robert Bosch GmbH2022 ~ 2023
・
測試或資安專責人員
Within one month
headquarters' security quality requirements (based on IEC 62443, ISO 27001, CSF 2.0 standards), data security management/internal audits, localization system implementation, preparation of related materials, and conducting education and training will be carried out. * Based on verification and validation (V&V), I conduct functional and security testing on IP security cameras and their backend support systems and platforms (PCs, AIOs, servers, network environments, Windows/[embedded] Linux). This includes penetration testing, ACL permission control, defense in depth validation, SSO, and ZTNA. * According to customer requirements, conduct system planning analysis and (semi/full) automated
Unemployed
・
Ready to interview
Full-time / Interested in working remotely
More than 15 years
Concordia University
・
Master of Business Administration (M.B.A.)
Past
Senior Quality Analyst @Thoughtworks2022 ~ 2023
・
QA automation engineer / Software development engineer in test
Within one month
and i18n testing of Unity application (mobile & web) DecemberMarchPosition eliminated due to COVID impact) Quality Assurance Engineer • EO Finance, Cyprus Full stack testing of cryptocurrency wallet & exchange (mobile, web & desktop apps) Developed & maintained E2E and API tests Reviewed business requirements and design assets Mentored new testing team members Made regression testing twice faster JanuaryNovember 2019 QA Engineer • SPB TV, Russia Functional, interface and backend testing of dozen web and IPTV products Actively participated and offered ideas in meetings and features discussions Described several thousand bugs in Jira DecemberJanuary 2018 Test Engineer • Ficbook, Russia Exploratory, performance and penetration testing of social
Unemployed
・
Ready to interview
Full-time / Not interested in working remotely
4-6 years
慈濟大學 Tzu Chi University
・
Mandarin Chinese Course
Engineer @Trend Micro 趨勢科技2021 ~ Present
・
Software Engineer
Within two months
solution to the end user to make sure they would keep using our product and feel satisfied. Product CI/CD: Using GitHub Action to trigger product build and deploying package when the package is output successfully. BlockChain Security Corp, Programmer, May 2020 ~ Oct 2021 Developed Web App Penetration Testing Platform: Developed a website on Internet Information Services (IIS) using .NET Framework. Built databases to store user data, penetrating data, and penetrating syntaxes on a SQL Server. Integrated APIs of third-party penetration testing tools, e.g. ZAP and SQL Map. Solved
Employed
・
Ready to interview
Full-time / Interested in working remotely
4-6 years
National Chengchi University
・
Computer Science
Past
BD Listing & KOL Manager @Coinstore & Pionex Crypto Exchange2022 ~ 2023
・
Within two months
Dipl.-ing Edy Wijaya While in college, I worked part-time as IT Support for Philips in Aachen and also at the RWTH Aachen Institute. After returning to Indonesia, I am active in IT solutions, both Hardware and Software, specifically in the field of networking infrastructure and VoIP. After a long time in the technical field, I started in the field of Business Development in Thano for physical security products, and then for the Hospitality Industry I marketed locking and access control products from Salto Systems. In my spare time, I took courses and was self
Unemployed
・
Open to opportunities
Full-time / Interested in working remotely
10-15 years
FH Aachen university of applied sciences
・
Electrical EngineeringProfessional development @Career Break2024 ~ Present
・
IT Infrastructure Manager, IT Support Manager
Within one month
Employed
・
Open to opportunities
Full-time / Interested in working remotely
10-15 years
BINUS University
・
Computer Science
Offline
Offline
Cyber Security Analyst @iTop Digital Technology Co., Ltd.2021 ~ Present
・
資安威脅分析師、滲透測試工程師
Within one month
監控、Log分析與誤報除錯及規則調整等 導入過程中透過流量監控協助企業發掘對外服務對外開放的SQL Injection漏洞攻擊途徑 Penetration Testing 協助國內財團法人建制境外APT組織攻擊環境模擬,並蒐集相關惡意流量供研究使用,執行成果如下: 模擬易受攻擊的
Employed
・
Open to opportunities
Full-time / Interested in working remotely
4-6 years
國防大學中正理工學院
・
資訊工程學系
Senior Information Security Manager @玉山證券2024 ~ Present
・
Cyber Security Engineer
Within one month
BlackSmile Penetration Test Cyber Security Engineer Taoyuan City, Taiwan 大學於資訊管理系畢業,於2018年從軍後開始接觸資安領域。主要在部內負責弱點掃描及滲透測試的工作,並接受專業課程培訓,擔任單位Cyber Kill Chain教官,教授MITER ATT&CK定義之流程。 在工作上除了精進專業技能外,還累積了許多團
Employed
・
Not open to opportunities
Full-time / Interested in working remotely
4-6 years
國立陽明交通大學(National Yang Ming Chiao Tung University)
・
國防資安管理The Most Lightweight and Effective Recruiting Plan
Search resumes and take the initiative to contact job applicants for higher recruiting efficiency. The Choice of Hundreds of Companies.
- Browse all search results
- Unlimited access to start new conversations
- Resumes accessible for only paid companies
- View users’ email address & phone numbers
Search Tips
1
Search a precise keyword combination
senior backend php
2
Use quotes to search for an exact phrase
"business development"
3
Use the minus sign to eliminate results containing certain words
UI designer -UX
Only public resumes are available with the free plan.
Upgrade to an advanced plan to view all search results including tens of thousands of resumes exclusive on CakeResume.
Definition of Reputation Credits
Technical Skills
Specialized knowledge and expertise within the profession (e.g. familiar with SEO and use of related tools).
Problem-Solving
Ability to identify, analyze, and prepare solutions to problems.
Adaptability
Ability to navigate unexpected situations; and keep up with shifting priorities, projects, clients, and technology.
Communication
Ability to convey information effectively and is willing to give and receive feedback.
Time Management
Ability to prioritize tasks based on importance; and have them completed within the assigned timeline.
Teamwork
Ability to work cooperatively, communicate effectively, and anticipate each other's demands, resulting in coordinated collective action.
Leadership
Ability to coach, guide, and inspire a team to achieve a shared goal or outcome effectively.
Within one month
Cyber Security Analyst | Penetration Tester
iTop Digital Technology Co., Ltd.
・
2021 ~ Present
Professional Background
Current status
Employed
Job Search Progress
Open to opportunities
Professions
Security Engineer
Fields of Employment
Cyber Security
Work experience
6-10 years work experience (4-6 years relevant)
Management
I've had experience in managing 5-10 people
Skills
Languages
Chinese
・
Native or Bilingual
English
・
Fluent
Job search preferences
Positions
資安威脅分析師、滲透測試工程師
Job types
Full-time
Locations
台灣台北
Remote
Interested in working remotely
Freelance
Educations
School
國防大學中正理工學院
Major
資訊工程學系
- 在資訊安全領域累積了7年的實務經驗,並在程式撰寫、滲透測試及資安事件調查等領域持續提升自身能力
- 針對網站、內部網路、IOT及零信任產品等滲透測試方面具有經驗
- 熟悉微軟安全產品,擅長部署、維護、威脅狩獵與防護規則撰寫,以確保企業防禦機制完備
- 在Tibame教育平台擔任滲透測試課程講師
學歷
2012 - 2016
國防大學中正理工學院
資訊工程學系
資格認證
Offensive Security
- Offensive Security Certified Professional (OSCP)
EC-Council
- Certified Incident Handler(ECIH)
- Certified Threat Intelligence Analyst(CTIA)
- Certified Ethical Hacker(CEH)
Microsoft
- Microsoft Certified: Security Operations Analyst Associate
- Microsoft 365 Certified: Security Administrator Associate
- Microsoft Certified: Azure Security Engineer Associate
- Microsoft Certified: Azure Administrator Associate
- Microsoft Certified: Azure Solutions Architect Expert
技能
Penetration test
- 網頁滲透測試
- 內網滲透測試
- 產品測試
- 漏洞環境重現
Blue Team
- 監控工具整合與開發
- 資安事件肇因調查
Programming
- Golang
- Python
- C++
- 具有物件導向大型專案開發經驗
工作經歷
Cyber Security Analyst
iTop Digital Technology Co., Ltd.
十二月 2021 - Present
Taipei, Taiwan
Cloud&Security
- 協助客戶執行微軟安全產品解決方案部署與整合,包括 Azure Sentinel、Microsoft Defender for Endpoint、Microsoft Defender for Identity及Azure Waf等產品,具體成果如下:
- 協助金融、半導體、電商等大型跨國企業及大型國營企業等數十個單位微軟安全產品部署
- 執行MDR服務,根據 Azure 安全產品為客戶進行事件調查,項目包括為誤報告警提供緩解計劃、提供風險諮詢及協助調查,具體成果如下:
- 完整分析多個Magniber勒索軟體類型執行流程及肇因
- 為大型跨國企業進行資安事件調查,利用AD防護軟體及EDR軟體釐清內部橫向攻擊來源
- 釐清多次雙因子認證釣魚攻擊肇因,包含利用外部短網址、Web漏洞及C2等多項手法,並協助通報知名國外網域遭跳板利用情況
- 協助多個企業部署並導入Azure WAF安全產品,具體成果如下
- 利用Azure Sentinel SOAR功能整合Alien Vault等威脅情資平台,自動阻擋惡意IP來源訪問。
- 撰寫完整Azure Waf導入流程與教學,包含部署、流量監控、Log分析與誤報除錯及規則調整等
- 導入過程中透過流量監控協助企業發掘對外服務對外開放的SQL Injection漏洞攻擊途徑
Penetration Testing
- 協助國內財團法人建制境外APT組織攻擊環境模擬,並蒐集相關惡意流量供研究使用,執行成果如下:
- 模擬易受攻擊的企業網路環境,包含企業常見DMZ及Intranet網路架構建置。
建置以Windows環境為主的漏洞模擬環境,包含以下漏洞項目Kentico 12(CVE-2019-10068)、Sharepoint(CVE-2021-34520)、本機提權漏洞(PrintSpoofer)、AD攻擊(pass-the-hash、pass-the-ticket、kerberos delegation)、Exchange Server(Mail enumeration)
- 模擬易受攻擊的企業網路環境,包含企業常見DMZ及Intranet網路架構建置。
- 執行多個滲透測試專案,客戶包含產品測試(虛擬貨幣、零信任)、電商品牌及公部門等單位,執行成果如下:
- 獨立撰寫多份英文滲透測試報告(包含產品測試)
- 發掘已知或未知弱點包含遠端代碼執行、越權存取(IDOR)、任意檔案上傳等多項漏洞
- 獨立撰寫多份英文滲透測試報告(包含產品測試)
Lecture Experience
- 滲透測試教育訓練
- 在知名的線上平台 "Tibame" 擔任滲透測試講師。
- 台灣學術網路中心網路安全中心(TACCST)擔任滲透測試講師,獨立建置未有公開漏洞腳本靶機
- Wordpress:CVE-2023-23488(SQL injection)、CVE-2023-3460(Privesc)
- PyroCMS:CVE-2023-29689(SSTI)
2. 紅藍隊訓練
- 國網中心APT攻擊偵測與防護課程,獨立建置紅藍隊偵測模擬環境
- 模擬真實MFA釣魚攻擊場警,運用Wordpress近期漏洞包裝自建釣魚網址
- 利用GitLab docker與Owasp modsecurity Waf模擬CVE攻擊偵測
資訊網路官
資通電軍網路戰聯隊
七月 2016 - 十二月 2022
Taipei, Taiwan
1. 領導紅隊組織並組織對多個政府部門的紅隊評估項目
2. 收集威脅情報,包括可行的PoCs、相關工具和網路攻擊趨勢
3. 建立實驗室環境以模擬易受攻擊的系統,並在後期利用階段進行進一步攻擊的研究
4. 設計軍事演習與比賽的系統
5. 參與針對政府單位的多個滲透測試項目
專案
MCDX Competition System針對Kill of Hill類型的資安競賽所設計的計分系統,可針對紅隊取得機器權限及藍隊修補漏洞動態計分
Gitlab with Waf- 在資訊安全領域累積了7年的實務經驗,並在程式撰寫、滲透測試及資安事件調查等領域持續提升自身能力
- 針對網站、內部網路、IOT及零信任產品等滲透測試方面具有經驗
- 熟悉微軟安全產品,擅長部署、維護、威脅狩獵與防護規則撰寫,以確保企業防禦機制完備
- 在Tibame教育平台擔任滲透測試課程講師
學歷
2012 - 2016
國防大學中正理工學院
資訊工程學系
資格認證
Offensive Security
- Offensive Security Certified Professional (OSCP)
EC-Council
- Certified Incident Handler(ECIH)
- Certified Threat Intelligence Analyst(CTIA)
- Certified Ethical Hacker(CEH)
Microsoft
- Microsoft Certified: Security Operations Analyst Associate
- Microsoft 365 Certified: Security Administrator Associate
- Microsoft Certified: Azure Security Engineer Associate
- Microsoft Certified: Azure Administrator Associate
- Microsoft Certified: Azure Solutions Architect Expert
技能
Penetration test
- 網頁滲透測試
- 內網滲透測試
- 產品測試
- 漏洞環境重現
Blue Team
- 監控工具整合與開發
- 資安事件肇因調查
Programming
- Golang
- Python
- C++
- 具有物件導向大型專案開發經驗
工作經歷
Cyber Security Analyst
iTop Digital Technology Co., Ltd.
十二月 2021 - Present
Taipei, Taiwan
Cloud&Security
- 協助客戶執行微軟安全產品解決方案部署與整合,包括 Azure Sentinel、Microsoft Defender for Endpoint、Microsoft Defender for Identity及Azure Waf等產品,具體成果如下:
- 協助金融、半導體、電商等大型跨國企業及大型國營企業等數十個單位微軟安全產品部署
- 執行MDR服務,根據 Azure 安全產品為客戶進行事件調查,項目包括為誤報告警提供緩解計劃、提供風險諮詢及協助調查,具體成果如下:
- 完整分析多個Magniber勒索軟體類型執行流程及肇因
- 為大型跨國企業進行資安事件調查,利用AD防護軟體及EDR軟體釐清內部橫向攻擊來源
- 釐清多次雙因子認證釣魚攻擊肇因,包含利用外部短網址、Web漏洞及C2等多項手法,並協助通報知名國外網域遭跳板利用情況
- 協助多個企業部署並導入Azure WAF安全產品,具體成果如下
- 利用Azure Sentinel SOAR功能整合Alien Vault等威脅情資平台,自動阻擋惡意IP來源訪問。
- 撰寫完整Azure Waf導入流程與教學,包含部署、流量監控、Log分析與誤報除錯及規則調整等
- 導入過程中透過流量監控協助企業發掘對外服務對外開放的SQL Injection漏洞攻擊途徑
Penetration Testing
- 協助國內財團法人建制境外APT組織攻擊環境模擬,並蒐集相關惡意流量供研究使用,執行成果如下:
- 模擬易受攻擊的企業網路環境,包含企業常見DMZ及Intranet網路架構建置。
建置以Windows環境為主的漏洞模擬環境,包含以下漏洞項目Kentico 12(CVE-2019-10068)、Sharepoint(CVE-2021-34520)、本機提權漏洞(PrintSpoofer)、AD攻擊(pass-the-hash、pass-the-ticket、kerberos delegation)、Exchange Server(Mail enumeration)
- 模擬易受攻擊的企業網路環境,包含企業常見DMZ及Intranet網路架構建置。
- 執行多個滲透測試專案,客戶包含產品測試(虛擬貨幣、零信任)、電商品牌及公部門等單位,執行成果如下:
- 獨立撰寫多份英文滲透測試報告(包含產品測試)
- 發掘已知或未知弱點包含遠端代碼執行、越權存取(IDOR)、任意檔案上傳等多項漏洞
- 獨立撰寫多份英文滲透測試報告(包含產品測試)
Lecture Experience
- 滲透測試教育訓練
- 在知名的線上平台 "Tibame" 擔任滲透測試講師。
- 台灣學術網路中心網路安全中心(TACCST)擔任滲透測試講師,獨立建置未有公開漏洞腳本靶機
- Wordpress:CVE-2023-23488(SQL injection)、CVE-2023-3460(Privesc)
- PyroCMS:CVE-2023-29689(SSTI)
2. 紅藍隊訓練
- 國網中心APT攻擊偵測與防護課程,獨立建置紅藍隊偵測模擬環境
- 模擬真實MFA釣魚攻擊場警,運用Wordpress近期漏洞包裝自建釣魚網址
- 利用GitLab docker與Owasp modsecurity Waf模擬CVE攻擊偵測
資訊網路官
資通電軍網路戰聯隊
七月 2016 - 十二月 2022
Taipei, Taiwan
1. 領導紅隊組織並組織對多個政府部門的紅隊評估項目
2. 收集威脅情報,包括可行的PoCs、相關工具和網路攻擊趨勢
3. 建立實驗室環境以模擬易受攻擊的系統,並在後期利用階段進行進一步攻擊的研究
4. 設計軍事演習與比賽的系統
5. 參與針對政府單位的多個滲透測試項目
專案
針對Kill of Hill類型的資安競賽所設計的計分系統,可針對紅隊取得機器權限及藍隊修補漏洞動態計分