1. Participate in the construction of the company's application security system, establish pre launch security reviews for applications, promote code security, application component security, black box and interactive application security testing, code release and other processes; 2. Responsible for overall business security testing and pre launch code security audit work; 3. Research the use of source code static inspection techniques for code vulnerability detection and analysis, and implement corresponding core algorithms or tools; 4. Responsible for evaluating and improving the inspection capabilities of source code static inspection tools; Intercept and reduce the security risks of company products through tools. 5. Develop and improve security technical specifications, including but not limited to security development specifications, security assessment and testing specifications, etc.