Note: Senior Security Engineer (Code Audit Direction) 1. Independently responsible for or assisting in the white box code audit of company projects (mainly PHP/Java), identifying high-risk vulnerabilities and business logic risks; 2. Undertake black box penetration testing tasks for key systems, simulate attacker strategies, and verify security vulnerabilities; 3. Participate in internal red blue confrontation, emergency response, and vulnerability replication, and identify the root cause of security incidents; 4. Participate in the security assessment of self-developed products, output vulnerability POCs, reproduce demos, and audit reports; 5. Track high-risk vulnerabilities in the industry, such as RCE, deserialization SSRF、 Supply chain injection, etc., to assist in completing external vulnerability disclosure and reporting to cooperating vendors; 6. Guide or train junior security engineers to improve the overall technical level of the team.