999视频在线免费观看,国产精品一二二区,亚洲国产香蕉视频,中文字幕有码在线视频,亚洲日本另类,中国三级黄色大片,成人中文字幕在线观看

職位角色
核心職責(zé)為保障產(chǎn)品 / 服務(wù) / 系統(tǒng)的安全性與穩(wěn)定性。通過對產(chǎn)品、服務(wù)及系統(tǒng)開展高效且全面的安全評估，確保其安全功能的可靠性。安全評估專員作為該領(lǐng)域的技術(shù)專家，需負責(zé)識別并協(xié)助解決各類安全問題，同時為硬件產(chǎn)品的安全測試提供焊接技術(shù)支持。本職位向中國區(qū)產(chǎn)品安全總監(jiān)直接匯報，同時在職能上向印度卓越中心經(jīng)理虛線匯報。

任職要求
工作經(jīng)驗：擁有 3 年以上安全領(lǐng)域從業(yè)經(jīng)驗，且在以下至少一個或多個領(lǐng)域具備專業(yè)能力：
人工智能安全測試
物聯(lián)網(wǎng)安全測試
藍牙 / 紫蜂 / 無線網(wǎng)絡(luò)安全測試
移動應(yīng)用滲透測試
網(wǎng)絡(luò)應(yīng)用 / 網(wǎng)絡(luò)服務(wù)安全測試
基礎(chǔ)設(shè)施安全測試
云安全評估
安全測試自動化與集成
技能要求
熟練使用各類安全評估工具；
具備嵌入式設(shè)備實操經(jīng)驗；
熟悉 JTAG、UART、SPI、I2C、MQTT 等硬件通信協(xié)議；
深入理解實時操作系統(tǒng)、全功能操作系統(tǒng)等各類固件系統(tǒng)；
掌握.exe、ELF 等格式應(yīng)用程序二進制文件的逆向工程技術(shù)；
具備物聯(lián)網(wǎng)設(shè)備安全評估與滲透測試經(jīng)驗；
精通 IEEE 802.11 無線網(wǎng)絡(luò)標(biāo)準(zhǔn)協(xié)議；
熟悉 WPA3、WPA2、WEP 等加密標(biāo)準(zhǔn)；
了解基于 802.1X 協(xié)議的網(wǎng)絡(luò)訪問控制技術(shù)；
掌握 IPSec、L2TP、SSL/TLS 等 VPN 通信協(xié)議；
具備無線網(wǎng)絡(luò)設(shè)備安全評估與滲透測試經(jīng)驗；
具備藍牙設(shè)備安全評估與滲透測試經(jīng)驗；
熟練使用 BlueZ、藍牙掃描器、Wireshark 等藍牙安全分析工具；
理解 IEEE 802.15.1 等無線通信安全框架；
具備漏洞手工利用實操經(jīng)驗，能夠編寫測試報告，精準(zhǔn)定位漏洞，并針對漏洞利用方式提供詳細整改建議；
熟悉當(dāng)前應(yīng)用安全領(lǐng)域的主流威脅與風(fēng)險。
加分項（非硬性要求）
具備 Java、.Net、C、C 等編程語言或開發(fā)平臺使用經(jīng)驗者優(yōu)先；
參與過多個產(chǎn)品 / 項目 / 應(yīng)用的端到端應(yīng)用安全測試，且對軟件開發(fā)生命周期（SDLC）及測試生命周期有深刻理解者優(yōu)先。
證書要求：需持有至少一項以下專業(yè)認證證書
注冊道德黑客（CEH）
職業(yè)滲透測試認證（OSCP）
注冊軟件生命周期安全專家（CSSLP）
注冊信息系統(tǒng)安全專家（CISSP）
注冊事件處理專家（GCIH）
注冊滲透測試工程師（GPEN）
出差要求：能夠接受不定期出差安排，包括國內(nèi)出差（蘇州、沈陽、深圳）及國際出差（印度班加羅爾、荷蘭）
語言要求：精通普通話與英語


關(guān)于飛利浦
飛利浦是一家全球領(lǐng)先的健康科技企業(yè)。我們秉持 “每一個生命都同等重要” 的核心理念，致力于讓世界各地的人們都能享有高品質(zhì)的醫(yī)療健康服務(wù)，矢志不渝，步履不停。加入我們，在成就一番不凡事業(yè)的同時，為改善人類生命質(zhì)量貢獻力量。
了解更多業(yè)務(wù)詳情
探索我們精彩紛呈的品牌歷史
深入解讀企業(yè)使命愿景
若你對本職位感興趣，且滿足大部分任職要求，我們熱忱歡迎你的投遞。即使不完全符合所有條件，你仍有可能成為本崗位或飛利浦其他職位的合適人選。點擊此處，了解更多飛利浦 “用心創(chuàng)造影響力” 的企業(yè)文化。


Your role:
Key tasks are to assure security robustness, by conducting efficient and effective security assessments on products / services / systems to ensure robustness w.r.t the security features. The security assessor is a subject ma er expert who identifies and helps resolve security issues, and also supports soldering work for hardware product security tests. The position reports to Director Product Security China, and dot-line functionally report to Indian SCoE manager.


You're the right fit if:

3 years of progressive experience in security domain with expertise in any one or more of the following areas:

AI Security testing

IoT Security testing

Bluetooth/Zigbee/Wi-Fi security testing

Mobile application hacking

Web application / Web Services security testing

Infrastructure security testing

Cloud security assessments

Automation and integration of security testing

Good hands-on experience with Security Assessment tools

Good hands-on experience with embedded devices

Exposure to Hardware protocols such as JTAG, UART, SPI, I2C, MQTT etc.

Good understanding of types of Firmware such as RTOS, Full pledged Operating system etc.

Good Knowledge in reverse engineering the application binaries such as .exe and ELF etc.

Experience in conducting security assessments and penetration testing on IoT devices

Should be Proficient in IEEE 802.11 standards (Wi-Fi)

Knowledge of WPA3, WPA2, and WEP encryption standards

Familiarity with 802.1X for network access control

Understanding of VPN protocols (IPSec, L2TP, SSL/TLS)

Experience in conducting security assessments and penetration testing on Wi-Fi devices

Experience in conducting security assessments and penetration testing on Bluetooth devices

Familiarity with tools for Bluetooth security analysis (e.g., BlueZ, Blescanner, Wireshark)

Understanding of security frameworks for wireless communications (e.g., IEEE 802.15.1)

Experience on manual exploitation of vulnerabilities, generating the reports, pin-pointing the vulnerabilities and provide detail recommendations on vulnerability exploitation

Exposure to current security threats, specific to the application security

*Experience/exposure to programming platforms such as Java /.Net/ C and C , is an added advantage

*Should have been involved in end to end application security testing for multiple products / projects / applications with good appreciation for SDLC and test life cycle.

Certifications: CEH/OSCP/CSSLP/CISSP/GCIH/GPEN (at least one)

Willing to occasionally travel domestically (Suzhou, Shenyang, Shenzhen) and international (Bangalore, The Netherlands)

Languages: Mandarin and English

Note (*): highly recommended but non-mandatory

About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
61 Learn more about our business.
61 Discover our rich and exciting history.
61 Learn more about our purpose.
If you’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care here.