Thc hin nh gi an ton thng tin (ATTT) cho cc ng dng trn nn tng web (bao gm API RESTful, .Net, Node.js), mobile (iOS, Android), v desktop app theo phn cng.
Tham gia phn tch m ngun (static analysis) pht hin l hng bo mt trong cc ngn ng nh JavaScript, Python, C#.
xut, pht trin, v ci tin phng php thc hin nh gi bo mt, bao gm k thut kim th t ng v th cng.
Nghin cu cc li bo mt mi, k thut khai thc, v tn cng tin tin p dng vo quy trnh pentest.
Vit bo co pentest chi tit, phi hp vi i pht trin khc phc l hng.
YU CU CNG VIC
Tt nghip i hc chnh quy tr ln chuyn ngnh Cng ngh thng tin, An ton thng tin, hoc cc chuyn ngnh tng ng.
C t 2 nm Kinh nghim v tr tng ng
thc hin t nht 5 d n pentest, bao gm phn tch m ngun v khai thc l hng phc tp.
Hiu r cc l hng bo mt thng gp theo OWASP Top 10 v c kh nng p dng vo kim th thc t.
C kh nng lp trnh an ton ng dng web (JavaScript, Python, Java) v phn tch m ngun vi cng c nh SonarQube, Checkmarx.
Nm vng quy trnh pentest h thng ng dng, t recon n bo co.
S dng thnh tho cc cng c nh Burp Suite, Frida, MobSF, Nmap, Semgrep, v Metasploit.
C kh nng nghin cu v pht trin script/tools (Python, Bash) phc v cng vic pentest.
Kh nng vit bo co pentest chi tit v giao tip hiu qu vi i k thut.
Li th: Kinh nghim thc t trong source code review, c CVE, hoc pht hin li trn cc trang bug bounty (H1, Bug Crowd).
Li th: S hu chng ch bo mt nh OSWE, GWAPT, OSCP hoc tng ng.
QUYN LI
Gi thu nhp nm hp dn (13 thng lng, thng hiu qu, thng Qu, Nm...).
y cc ch theo lut lao ng hin hnh.
Chnh sch phc li theo quy nh ca Cng ty a dng: Chm sc sc khe nh k hng nm;
Gi bo him sc khe chuyn bit (FPT Care Khm cha bnh min ph ti tt c cc bnh vin); Cc hot ng tri n, chm lo i sng tinh thn CBNV v Thn nhn ...
Mi trng lm vic thn thin, ci m.
C s vt cht v cng c lm vic hin i, tin nghi.
Nhiu c hi pht trin v thng tin.
Vn ha Doanh nghip c sc, sinh ng bc nht vi nhiu cc hot ng hp dn: tn binh, teambuilding, thi trng, hi lng, hi din Sao Chi, sinh nht FPT, ngy 08/03, ngy 11/11...
