1. Security Architecture Planning & Implementation - Lead the planning, design, and evolution of the company’s overall security architecture (e.g., Zero Trust networking, cloud, business systems, data security, and identity/access systems). - Build reusable security capabilities into reference architectures, standards, and security baselines, and drive adoption and implementation across teams. 2. Defense-in-Depth Program Development - Design detection and prevention capabilities against common attack chains (e.g., phishing, lateral movement, supply chain attacks, and cloud attack/defense techniques) to improve alert quality and response efficiency. - Conduct security reviews and threat assessments for new businesses, new systems, and major changes; identify risks and define mitigation plans. - Promote “shift-left” security by embedding controls into CI/CD, release processes, Infrastructure as Code (IaC), and code/dependency governance. - Lead analysis and coordination for major security incidents (root cause analysis, impact assessment, remediation, and long-term governance improvements).
- 8+ years of experience in network and system security, with leadership experience in security architecture, security technical planning/roadmapping, or security engineering. - Strong knowledge of common security vulnerabilities and attack techniques; familiar with mainstream security products and typical IT and cloud infrastructure. - Hands-on offensive/defensive mindset, with experience participating in or leading red/blue team exercises, penetration testing, security drills, and post-incident reviews. - Proven ability to drive cross-team execution: breaking down security requirements, milestone planning, and collaborating with R&D, DevOps/SRE, compliance, and other stakeholders. - Solid experience in cloud and container security (at least one major cloud provider such as AWS/Azure), with understanding of IAM, KMS, cloud logging, and cloud-native security. Preferred Qualifications (Plus) - Experience in the Crypto industry, wallet security, and on-chain incident analysis. - Experience building security architecture for large enterprises, including Zero Trust, data security, unified identity, centralized logging, and asset governance. - Fluency in both Mandarin Chinese and English is required. - Immediately available will be preferred.
- WFH Policy - Discretionary Bonus - Options
Map For Jobs — Web3行业的求职地图