I. Background
As the company has developed in recent years, the team has kept expanding, and its main business is carried out on-site at Party A, providing various security services for Party A. However, because Party A and Party B hold different positions, there are some problems in the company's technical development and personnel management:
For example: the working environment at Party A is relatively oppressive, management is rigid, and the work is fixed and complex.
Due to the lack of a good technical research atmosphere and a mature technical exchange platform, technical personnel do not feel any progress or improvement in their skills, and may even stagnate.
The turnover rate of technical personnel is high, and there is a phenomenon of bad money driving out good money; as technical personnel are replaced, the company builds up no technical accumulation of its own.
The intellectual achievements of technical personnel belong to Party A, and the company has no corporate reputation label of its own. This leads to a single source of business and difficulties in promoting on-site service projects, and makes the company easy for customers to hold hostage.
Therefore, in order to ensure the good development of the company, it is urgent to establish a laboratory of our own to bring new driving force and strong technical support for the company's development.
II. Vision
With the vigorous development of the security industry, the company expects to develop further and have high-end security capabilities.
The security laboratory aims to develop technology: to have a certain capability in security technology research and product development, a certain security vision and layout, and a certain ability to compete and to publish technical papers. It can incubate a security technology brain belonging to the company, improve the atmosphere of technical communication, raise the technical level of the company's technical personnel, enhance the company's industry reputation, reduce the turnover rate of technical personnel, and strengthen the company's security team.
III. Capabilities of the Laboratory
3.1 Ability to Conduct Security Technology Research and Product Development
Research directions focus on penetration testing, code auditing, APT, reverse engineering, IoT, etc., follow the development of new technologies, and study the application of new technologies.
3.2 Competitive Ability
Have a certain competitive ability: participate in various CTFs and network defense contests, and win awards.
3.3 Ability to Communicate and Share Technology
Organize technical exchange and sharing meetings to enhance the overall technical capabilities of the company and improve the atmosphere of technical communication.
3.4 Ability to Publish Technical Articles
Publish articles or papers in well-known security magazines or communities.
IV. Construction Plan
4.1 First Stage (3-6 months)
4.1.1 Personnel Recruitment
(1) Quantity: 2 people
(2) Positions: Penetration Testing and Attack Tracing Security Engineer
(3) Recruitment requirements:
Security Engineer
1) Have a strong interest in security and strong independent research capabilities;
2) Master at least one programming language and be able to write programs independently to solve problems;
3) Familiar with penetration testing steps, methods, and processes, and proficient in using a range of penetration testing tools;
4) Familiar with various attack technologies and methods, with an understanding of the vulnerabilities of various applications;
5) Familiar with common scripting languages, capable of conducting web penetration testing and malicious code detection and analysis;
6) Have good character, a positive attitude towards life, and a good team working spirit.
4.1.2 Laboratory Functions
1) Carry out technology research
2) Build and maintain the laboratory public account, publish (share) articles on the latest industry trends regularly (at least an average of XX articles per day);
3) Promote internal technology sharing in the company, create a good communication atmosphere, and enhance the enthusiasm of technical personnel for work;
4.1.3 Assessment Indicators
1) Progress in Technology Research
2) Article Reading Volume
3) Technical sharing meeting evaluation
4.2 Second Stage (6-12 months)
4.2.1 Personnel Recruitment
(1) Quantity: 2 people
(2) Positions: 1 senior security development engineer; 1 CTF (capture-the-flag) player
(3) Recruitment requirements:
Security Development Engineer
1) At least 3 years of development experience, familiar with Python programming, excellent coding skills, and extensive project experience;
2) Proficient in mainstream Python frameworks;
3) Familiar with the Linux operating system and development environment;
4) Familiar with the architecture design and construction methods of Hadoop, rule writing, and secondary development;
5) Understand common attack methods and the corresponding monitoring and defense measures.
CTF Player
1) Familiar with mainstream operating systems (Linux, Windows, etc.) and mainstream databases (SQL, MySQL, Oracle, etc.), with penetration testing capabilities;
2) Familiar with web attack methods, such as SQL injection, XSS, command injection, CSRF, upload vulnerabilities, parsing vulnerabilities, etc.;
3) Familiar with at least one programming language (C/C++/Perl/Python/PHP/Go/Java, etc.), and able to perform web penetration testing and malicious code detection and analysis;
4) Familiar with assembly language, with certain reverse engineering capabilities, and able to analyze viruses, trojans, apps, etc.;
5) Have a positive attitude, strong sense of responsibility, and good team collaboration spirit;
6) Bonus items:
1. Have experience in CTF competitions and network defense competitions, and have won good rankings;
2. Have independently discovered general vulnerabilities, with a CNVD original vulnerability certificate or a CVE certificate;
3. Published articles in well-known security magazines or communities;
4.2.2 Job functions
1) Research new security technologies, with the main research direction being XXXX
2) Carry out technical exchanges and provide timely training guidance
3) Technical support for company projects
4) Participate in competitions
4.2.3 Assessment indicators
1) Progress of technical research (achievements)
2) Project support evaluation
3) Technical sharing meeting evaluation
4) Technical training evaluation
5) Article sharing evaluation
4.3 Third Stage (12-18 months)
4.3.1 Personnel recruitment
(1) Number: 3 people
(2) Positions: 1 CTF (capture-the-flag) player; 1 iOS/Android reverse engineer; 1 IoT researcher
(3) Recruitment requirements:
1) More than 3 years of relevant work experience; this requirement can be waived if all of the following conditions are met;
2) Proficient in the use of post-penetration tools such as Cobalt Strike, Empire, Metasploit, etc.;
3) Proficient in various penetration ideas and methods in the workgroup/domain environment;
4) Have experience in penetration testing in large and complex network environments;
5) Have independent vulnerability discovery and research capabilities;
6) Proficient in at least one development language, including but not limited to C/C++, Java, PHP, Python, etc.;
7) Good communication and team collaboration skills.
4.3.2 Laboratory functions
1) Research and development of security products
2) Technical research and delivery of research results
4.3.3 Assessment indicators
1) Technical research achievement evaluation
2) Project support evaluation
3) Technical sharing meeting evaluation
4) Technical training evaluation
5) Article sharing evaluation
V. Management System
5.1 Organizational Structure
The security laboratory is an independent security group within the company and will be composed of XX people. The laboratory's internal leader is XXX, with organization by XXX and supervision and execution by XXX. The internal leader is responsible for the laboratory's work. Communication and feedback take place through meetings, reports, telephone calls, etc.
5.2 Working Mechanism
5×8 working hours + no clock-in system
If laboratory personnel have to work late for work reasons:
If the time of leaving work in the evening is later than 20:00, you can report to work at XXX the next day;
If the time of leaving work in the evening is later than 00:00, you can report to work at XXX o'clock the next day.
5.3 Distribution of Salary
Implement the system of monthly salary + extra project bonus + year-end bonus (minimum: XX; maximum: XX)
5.4 Reward and Punishment Mechanism
The completion of the laboratory's work is evaluated according to the assessment indicators, and the results are reflected in the monthly performance salary.
VI. Program Support
6.1 Funds
6.1.1 Salary
Ensure the normal distribution of monthly salaries and year-end bonuses for laboratory staff
6.1.2 Special Rewards
(Competitions, research achievements, article read counts on various platforms, etc. are considered special content.)
Competition prize money will be distributed according to the proportion of XXX. When the read count of the public account articles reaches XXX in the first stage of construction, a reward of XXX will be given; when it reaches XXX in the second stage of construction, a reward of XXX will be given; when it reaches XXX in the third stage of construction, a reward of XXX will be given. Research achievements will be rewarded according to their weight.
6.1.3 Training and Attendance Fees
The training and attendance fees for laboratory members will be covered and reimbursed by the company.
6.1.4 Equipment Procurement
High-performance laptops and other work resources such as cloud computing resources and machine learning computing resources will be purchased for laboratory members.
6.2 Venue Support
XXX can be used, and adjustments can be made according to needs later
6.3 Project Management
1) Responsible person: XXX
2) Progress reporting mechanism
Reporting frequency: weekly reports/monthly reports
Reporting methods: reports, meetings, etc.
3) Daily communication mechanism: meetings, instant messaging, email, etc.
VII. Recruitment Sources
Internal Referral: QQ Group, WeChat Group, Friends in the Circle
Website: FREEBUF, ChaMd5, Anquanke, Vuls, T00Ls, SecQuan
App: BOSS Zhipin, Zhaopin, 51Job, Lagou
Headhunting
VIII. Development Direction of the Laboratory
In the words of Mr. Lu Xun: 'There is no road in the world, but when many people walk, a road is formed.'
I personally suggest focusing on the following directions for specific research:
Intranet Penetration
APP Penetration
Code Auditing
APT
IoT
Big Data
Blockchain
IX. Postscript
Acknowledgments: thanks to all members of the Lei Shi Security Lab, and to the company leaders and colleagues for their strong support.
*Original Author: zhukaiang7. This article belongs to the FreeBuf Original Reward Program; reproduction is prohibited without permission.
