We are looking for Cybersecurity experts

Chengbao is looking for cybersecurity experts to expand our security team, both junior and senior, as individual contributors and even people management positions. Your mission will be to protect the company from damaging security incidents.

Highlights

  • Join a market-leader in a fast-growing industry with security at its core
  • Work with a highly skilled team using best-practice engineering processes
  • Enjoy a meritocratic culture with fast decision-making
  • Solve large scale challenges with 3000+ physical servers world-wide in roughly 150 datacenters.

Responsibilities

The security team is responsible for:

    • Security Operations: set up and run security threat detection and mitigation processes.
      • Scan all devices on the company’s networks. Run Metasploit, the Kali Linux toolchain and similar tools on an ongoing basis in all office locations, using best-practice methods.
      • Run network-based intrusion detection. Detect and stop attack attempts or successful exploits. Research and implement solutions, or self-operated tools as needed.
      • Run host-based intrusion detection. Work with IT and Ops teams to use endpoint protection software both for employee devices, IT servers, as well as cloud-app servers. Ensure they comply with IT policy, have up-to-date patch status, only run authorized applications, guard against known malware, stream relevant logs for real-time analysis by the SOC, etc.
      • Collect and analyze logs from all devices across the company and monitor and alert on suspicious activity.
      • Partner with Ops-team to set up a 24/7 SOC to be Tier-1 for all security-related processes.
      • Design, implement and test incident response processes.
      • Oversee our bug bounty program.
  • Defense in depth: coordinate and actively participate in red team projects
      • Identify and vet external pentesting vendors, own the relationships in the long-term (they might engage with various teams across the company over time and need you as a consistent point of contact), help coordinate their projects.
      • Run pentests by yourself and together with colleagues.
      • Run security QA as part of our software development process.
      • Participate in tech-designs for new projects, advise on security issues.
      • Partner with IT and engineering teams. Your work will identify problems. Ensure that the issues have sufficient priority and get fixed promptly, and that root causes get eliminated where feasible.
  • Training of employees
    • Advocate security best practices across the company, including employee IT as well as cloud operations.
    • Curate security-related training content for all employees.
    • Be an internal trainer for some topics directly.
  • PR: create content describing our security processes to the public (ie: blog posts, guest posts, trust-center updates, open-source contributions, etc.). Build brand value.
  • Decide where to spend the company’s security budget on vendors, training and licenses.

Requirements

  • Expert knowledge of best practices in:
    • Pentesting
    • Employee IT technology, processes and policies
    • Cloud security, especially AWS
    • Secure software development and QA
    • Devops processes
  • Especially for people managers:
    • Excellent communication and interpersonal skills. Ability to influence others across the organization.

What we offer

  1. Attractive compensation and benefits
  2. Flexible working hours and encourages a healthy work-life balance
  3. Work in a challenging, collaborative, and fun environment

About us

At Chengbao, we’re leading the way to a more private and secure digital world. Consumers in over 180 countries around the globe rely on our industry-leading cybersecurity software and services.

We are an international tech company with hundreds of people worldwide and a core team in Hong Kong. We’re profitable, growing, and just getting started.

We hire world-class developers, product managers, and marketers in the industry, and give them the tools to succeed. Together, we ship beautiful, usable software for desktop and mobile that our customers use and love every day.

Ready to do the best work of your life? We’ve built just the place.