Orange Cyberdefense欢迎您的加入！

Orange Cyberdefense在中国业务发展需要，现开放以下网络安全相关的工作岗位：

▪   Penetration Testing Engineer (2024年12月17日发布)​​​​​​

▪    SIEM (Splunk) Engineer (2024年11月20日发布）

▪    Technical Delivery Manager (2024年11月20日发布）

▪    Security Account Manager (2024年11月21日发布）

简历请发送至：judy.lin@orangecyberdefense.com

职位：Penetration Testing Engineer (2024年12月17日发布)

工作地点：

上海

岗位描述：

We are looking for a skilled Penetration Testing Engineer with expertise in penetration testing and security assessments. You will be responsible for identifying and addressing security vulnerabilities in enterprise networks and developing attack tools. The ideal candidate will have hands-on experience with offensive security techniques and a strong interest in cybersecurity.

岗位职责：

▪    Conduct security assessments of enterprise networks to identify vulnerabilities and weaknesses.

▪    Research advanced attack techniques and develop custom attack tools to simulate real-world threats.

▪    Perform penetration testing across a variety of systems and environments, identifying security gaps and recommending solutions.

技能要求：

▪    Bachelor’s degree or higher, preferably in Network Security, Computer Science, Information Technology, or a related field.

▪    At least 2 years of experience in penetration testing or related security roles.

▪    Strong knowledge of common security vulnerabilities and the OWASP Top 10, including their causes and remediation strategies.

▪    Ability to conduct code security audits and independently perform white-box code reviews.

▪    Expertise in using various penetration testing tools with an in-depth understanding of their principles and practical application.

▪    Proficiency in at least one programming language (e.g., Python, Java etc.), with the ability to write custom scripts for penetration tests.

▪    Thorough understanding of offensive and defensive security techniques, along with the related vulnerabilities.

▪    Familiarity with system security mechanisms and basic security development capabilities.

▪    Proficient in post-exploitation techniques, including domain penetration.

▪    Possession of relevant network security certifications such as OSCP is preferred.

▪    Strong interest in security and a passion for independent research.

▪    Fluent English is preferred.

职位：SIEM (Splunk) Engineer (2024年11月20日发布)

工作地点：上海

岗位描述：

▪   As a Managed Security Service Provider (MSSP), we're seeking an experienced SIEM Engineer for our Cyber Security Operations Center (CyberSOC) team. The ideal candidate will have a deep understanding of SIEM tools, predominantly Splunk with a smaller emphasis on Sentinel. The role involves supporting proposal development for new customers and day-to-day operations of existing customer instances. Strong collaboration, hands-on technical skills, and excellent documentation abilities are essential for success in this position.

岗位描述：

▪  Proactively maintain and optimize SIEM instances (primarily Splunk, with some Sentinel) to ensure high performance and availability. 

▪  Respond promptly to customer requests, incidents, and SIEM-related issues.

▪  Collaborate with cross-functional teams to troubleshoot and resolve SIEM problems.

▪  Document current configurations, maintenance processes, and records.

▪  Work closely with customers to understand their requirements and provide effective solutions.

▪  Stay current with the latest SIEM features, updates, and best practices.

▪  Participate in on-call support for urgent issues.

技能要求：

▪   English writing is required; speaking is a plus.

▪   Bachelor's degree in Computer Science, Information Technology, or a related field.

▪   3 years of hands-on experience as a Splunk and Sentinel Engineer/Administrator.

▪   Splunk or Sentinel certifications are a plus.

▪   Strong knowledge of Splunk architecture, SPL, and advanced query techniques.

▪   Experience in designing, implementing, and maintaining SIEM in enterprise and cloud environments.

▪   Excellent troubleshooting and problem-solving skills.

▪   Ability to communicate technical concepts to both technical and non-technical stakeholders.

▪   Proven track record of proactive system maintenance and optimization.

▪   Strong documentation skills with the ability to create clear and comprehensive technical documentation.

职位：Technical Delivery Manager (2024年11月10日发布）

工作地点：上海

岗位描述：

▪    As a Managed Security Service Provider (MSSP), we are seeking an experienced and dynamic Technical Delivery Manager in our Cyber Security Operations Center (CyberSOC) team. The ideal candidate will possess a deep understanding of cybersecurity, incident response, and threat detection methodologies. The Technical Delivery Manager will be responsible for overseeing the day-to-day operations of the served customer, and ensuring the effective detection and response to cybersecurity threats from customers.

岗位职责：

▪   Technical Oversight Maintain and Update Client IT Infrastructure Documentation: Ensure the accurate and up-to-date documentation of client IT infrastructure.

▪   Manage Log Source Collection Knowledge: Oversee the knowledge base for log source collection and manage the process of adding or removing log sources.

▪   Maintain Client Use Case and Playbook Lists: Manage and update the list of use cases and response playbooks tailored to each client's specific security needs.

▪   Provide Analyst Training: Conduct training sessions for analysts on client-specific information and processes to ensure they are equipped to handle client requirements effectively.

▪   Manage Client Permissions: Handle client permissions and maintain access controls, including permissions for colleagues and new team members.

▪   Supervise Analysts and Ensure Quality Case Handling: Oversee analysts' daily case handling activities and ensure adherence to quality standards.

▪   Coordinate Incident Response and Reporting: Lead coordination efforts for incident response activities, including incident resolution and reporting to clients.

▪   Coordinate Threat Hunting Activities: Collaborate with the security team to develop and execute threat hunting plans tailored to each client's environment.

▪   Generate Weekly and Monthly Reports: Prepare and deliver comprehensive weekly and monthly reports to clients, highlighting key security metrics and insights.

▪   Manage Client Requirements and Maintain Demand Register: Coordinate and prioritize client requests, maintaining a demand register to track ongoing and upcoming tasks.

▪   Record Team Efforts and Hours: Maintain accurate records of team efforts and hours spent on client engagements for reporting and billing purposes.

▪   Assist with Contract and Scope Updates: Support the client contract renewal process by providing insights and recommendations based on client needs and service delivery experience.

▪   Facilitate SOC Service Onboarding for New Clients: Lead the initiation and implementation process for new clients, ensuring a smooth transition to SOC services.

▪   Support Pre-Sales Activities for New Clients: Assist with pre-sales activities, including client consultations, solution presentations, and proposal development.

技能要求：

▪  Passion for Customer Service: Demonstrated enthusiasm for providing exceptional customer service and building strong client relationships.

▪  Familiarity with Enterprise IT Architecture and Management Processes: Proficient understanding of enterprise IT architecture, organizational structures, and management processes.

▪  Knowledge of Customer Service Processes: Familiarity with customer service standards and best practices, with the ability to effectively manage client expectations.

▪  English Language Proficiency: Strong communication skills in English, both verbal and written, to effectively interact with international clients and stakeholders.

职位：Security Account Manager (2024年11月21日发布)

工作地点：上海

岗位描述：

▪   In this role, you will lead customer-facing security service sales, serving as a point of contact for customer and partners. You will uncover, qualify, and close security service sales using entire Orange Cyberdefense portfolio of offerings and services. As a Security Account Manager, you will partner with CyberSOC team, HQ sales and technical team to guide new selling initiatives in China. Your success will result in strategic elevation of Orange Cyberdefense with customers/partners.

岗位职责：

▪  Own and deliver on a sales target for the Orange Cyberdefense Security Services and solutions in China.

▪  Responsible for developing and implementing the go-to-market plans to accelerate the growth of CyberSOC services & other portfolio as well

▪  Work with Orange Cyberdefense marketing, customers and channels, technical teams to drive pipelines and close the deal

▪  Capture and drive CyberSOC products and services requirements suitable forMNC customers in China or Chinese customer going abroad

技能要求：

▪  Passionate about helping customers to secure their business and having track record with successful sales performance.

▪  Understand and articulate how security powers business and growth.

▪  Familiar with security industry trends, business drivers and the opportunity for expansion of security services.

▪  Proven success as sales within the IT security industry with at least 10 years of experience from working with security services or solutions.

▪  Strong presentation and proposal written skills.

▪  Strong communication and collaboration skills.

▪  Direct customer experience needed while channel experience is plus. 

▪  Suitable technology or business university degree qualification preferred.

▪  Chinese and English are must, and French is a plus.