版上有做网络安全的吗？公司招网络安全专家80w+ (转载)

水木社区手机版

展开|楼主|同主题展开|返回

主题:版上有做网络安全的吗？公司招网络安全专家80w+ (转载)
patriot|2019-10-09 21:20:13|
【以下文字转载自 Networking 讨论区】
发信人: patriot (pat), 信区: Networking
标  题: 版上有做网络安全的吗？公司招网络安全专家80w+
发信站: 水木社区 (Wed Oct  9 21:18:16 2019), 转信

公司名叫瓦里安，Varian。可以搜索一下。从事大型肿瘤治疗设备，很多服务都是搭建在云服务器上的的web解决方案。

目前急聘网络安全方面的专家。薪水80w~90w之间。薪水很靠谱。大公司这一点可以放心。招人都有明确预算安排的。

主要负责网络安全方面，例如公司开发的基于web的医疗软件产品是否有漏洞，搭建在云服务器上的产品避免网络攻击之类的。应聘者需要有丰富的网络安全经验。这个职位刚刚开放出来，下面是详细的JD。

感兴趣的童鞋可以站内或者发简历至 resume@awcconsult.com 因为是急聘，所以流程方面会走的很快。

VARIAN医疗科技公司是纽交所上市公司，医疗器械癌症放射治疗设备及软件领域的领军企业。中国区总部在北京亦庄运成街近地铁。工资具有行业竞争力，福利完善，免费午餐班车健身房，企业文化人性化基本不加班，职业发展空间大。

Overview:
-----------------
The Product Security Architect (title tentative)will be a member of the Product Security team.  You come with in-depth knowledge of the current and emerging cloud security capabilities and design patterns (e.g. in microservices, containerization).  You stay up-to-date on the evolution of both the defensive and offensive fronts of cybersecurity.  You deliver expert architecture design and technical,hands-on support across Varian portfolio, focusing on Cloud-Native Platform and Services Security.You branch out to be part of the Varian community to build up and maintain capabilitiesto support privacy requirements for sensitive data (e.g. patient health records), as well as regulatory requirements for Software asMedical Devices(SaMD).

You are a thought-leader and a doer whose contribution is crucial in spearheading high-growth initiatives. You are a knowledge creator and trusted security advisor who generates awareness and shares lessons learned across Varian portfolio.

Responsibilities:
-----------------
Responsibilities include, but are not limited to:
1. Actively participate in product-level design and development: attend planning meetings, lead the integration of cybersecurity considerations into product design and requirements, review, update, and EOL management strategy; provide hands-on technical support expertise in general SW design and development (e.g. Azure or AWS configurations), security testing, as well as system engineering topics as necessary
2. At the system level, define and document security architecture design pattern and standards; provide oversight on existing security measures across portfolio and components; identify improvement areas, and make tactical, relevant recommendations orexecutable improvement plans (e.g. unified certificate management)
3. Collaborate with stakeholder groups (e.g. RA/QA, Legal, Government Affairs) to continuously evaluate changes in regulatory requirements relevant to key support portfolio (e.g. cloud); translate external changes into internal actions (e.g. update in system level security requirements, product design, etc.)
4. Monitor product cyber-security threats and vulnerabilities, supportplanned and ad-hoc Risk Assessment (e.g. Threat and Risk Analysis) of software, system, and architectures to communicate our current threat landscape, and design and prioritize mitigation solutions.
5. Continuously maintain expertise and Information as well as Product Security by participating in Industry forums, conferences, and training events
1. Maintain complete confidentiality of company and customer intelligence acquired at job

Required Basic Qualifications:
-----------------
1. Strong sense of ownership, urgency, and drive.
2. Ability to influence others.
3. Excellent written and oral communication skills; sharp analytical abilities.
4. Demonstrated solid expertise in security architecture, including: securing microservices,container security, web and software application security; cloud computing (SaaS/PaaS/IaaS) in AWS or Azure; network infrastructure and web services, Identity & Access Management (Authentication & Authorization), cryptography
5. Strong experiences with modern programming languages like C#, Java, Python,Go, etc
6. Strong communication skills in English
7. BS degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field

Preferred Qualifications
-----------------
1. 8+ years’ experience in hands-on development in an object-oriented language)
2. 4+ years’ experience in cyber-security control design and implementation
3. 4+ years’ experience in cloud architecture and design
4. Security related certifications such as CISSP-ISSAP, OSCP, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CEH.
5. MS degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field
6. Willingness to travel, up to 25% (domestic/international)

Physical Demands:
-----------------
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
1. Work involves extensive use of computers, up to eight hours per day.
2. Appropriate visual and dexterity abilities are required.
3. Must be able to lead cross functional team and conference / video calls.
4. Must be able to present to a larger audience (> 10 people).
--
修改:patriot FROM 59.109.152.*
FROM 59.109.152.*