Aquaboutic | Focus Security Research | Vulnerability Exploit | POC


employment information network of beijing university of aeronautics and astronautics

Posted by melchionda at 2020-03-30

Penetration test engineer 10k-70k / month


1. Be responsible for the implementation of penetration test technical services and the preparation of penetration test reports;

2. Participate in the development of safety products and provide penetration attack and prevention ideas;

3. Analyze the mainstream penetration testing methods and study new penetration techniques.

Job requirements

1. Have a deep understanding of the principle, harm, utilization and repair methods of the mainstream web security vulnerabilities;

2. Be familiar with the mainstream security tools, and be able to conduct security tests on relevant applications by hand or in combination with tools;

3. Be familiar with code audit process, methods and the use of mainstream code audit tools;

4. Familiar with one or more mainstream programming languages, and can develop simple security tools;

5. Safety service, penetration test and other project implementation experience are preferred.


Vulnerability Security Engineer 10K - 150k / month


1. Follow up and reappearance of security technology at home and abroad, including: operating system security vulnerability, web application security vulnerability, IOT device security vulnerability;

2. According to their own research direction, research system principle and vulnerability principle;

3. For common operating systems, software vulnerability mining and analysis related technology research and tool development;

4. Research and track the current attack and defense methods in the industry, and study new attack and defense methods.

Job requirements

1. Familiar with the principle of security loopholes, have the experience of independent analysis or mining loopholes;

2. Familiar with the principle of operating system, familiar with disassembly, strong ability of reverse analysis;

3. Experience in actual vulnerability detection and analysis is preferred;

4. It is preferred to have developed vulnerability mining system or excavated system software vulnerability;

5. Have a certain ability to write code, at least master C \ C + +, Lua, python two or more common programming languages;


R & D Engineer 10K - 30K / month


1. Responsible for safety product demand analysis, architecture design, product development and continuous improvement;

2. Research on new safety products, research and implementation of landing plan.

Job requirements

1. Solid theoretical foundation of computer, deep understanding of operating system principle and TCP / IP protocol

2. Master a programming language, such as C, python, go, etc

3. Familiar with common data structure and algorithm

5. Safety experience preferred


IOT Safety Engineer 10K-50K / month


1. Research the architecture, protocol and security of intelligent hardware platform;

2. Carry out penetration test and vulnerability mining for intelligent hardware platform and products;

3. Provide customized security solutions for different intelligent devices.

Job requirements

1. Familiar with Linux, arm, MIPs and other CPU architecture instruction set, and disassembly.

2. Familiar with one of C, python, shell, Ruby Programming languages, etc., with good POC and exp writing ability.

3. Proficient in software reverse static analysis, dynamic debugging, code tracking, etc., proficient in using JTAG, openocd, TTL and other hardware debugging tools.

4. With PCB analysis and test ability, proficient in using GDB, IDA for kernel mode and user mode program debugging and reverse analysis.

5. Those who have dug holes in IOT devices and network devices are preferred.

6. Experience in developing vulnerability detection tools is preferred.


Linux Development Engineer 10k-30k / month


1. Compile all kinds of network testing tools;

2. Maintain all kinds of testing tools that the company has;

3. Collaborative testing tools;

Job requirements

1. Familiar with Linux system of mainstream distributors;

2. Solid C language foundation;

3. Familiar with Linux system call;

4. Familiar with TCP / IP, socket, select and epoll;

5. Good coding style;

6. Able to work under high pressure;


Linux Kernel Development Engineer 10k-30k / month


1. Maintain existing kernel modules;

2. IOT direction research and development;

Job requirements

1. Familiar with Linux kernel architecture;

2. Familiar with Linux kernel debugging;

3. Familiar with Linux file system;

4. Familiar with Netfilter framework;

5. IOT experience is preferred;

6. Able to work under high pressure;


Code security audit engineer 10k-40k / month


1. Develop source code security specifications and conduct source code security audits.

2. White box / black box security test of web system.

3. Mining unknown security vulnerabilities and code defects in PHP / Java / ASP program, verifying the vulnerabilities, and preparing security reinforcement report.

4. It can analyze the common vulnerability causes, principles, availability, risk level and other related reports, such as SQL injection, XSS, CSRF, command execution, file inclusion, arbitrary file download / read. File upload, unauthorized / unauthorized operation and other vulnerabilities.

5. Track and analyze the latest security vulnerabilities in the industry.


1. Have a deeper understanding of PHP / Java / ASP programming, have certain programming ability, and be familiar with the mainstream PHP framework, such as ThinkPHP / Yii, etc.

2. Understand the common code defects and security vulnerabilities in programs developed with PHP / Java / ASP and other languages.

3. Master the mainstream source code audit tools, such as checkmarx cxenterprise, armorize codesecure, fortify SCA, rips, etc.

4. Master at least one scripting language Python and programming development language (C / C, etc.).

5. Familiar with common security attack and defense technology and security vulnerabilities, familiar with common penetration testing tools.

6. Familiar with common web security vulnerability analysis and prevention, including SQL injection, XSS, CSRF and other OWASP top 10 security risks.

7. Proficient in source code testing tools and testing process, active code security testing experience is preferred.

8. Pragmatic, innovative, able to learn and have strong communication ability.