「Cloud Solution Architect(CSA)/雲端安全產品架構師-Security[Purview/XDR](Location: Taiwan/Japan)」的相似工作

我們是一支結合 【創意與數據】 的跨域團隊， 專注於 SEO、網站行銷策略、文案企劃與網站分析，並結合軟體工程專業， 為客戶提供量身打造的行銷與技術整合服務。 在開放、扁平、友善的文化中，我們重視專業與品質，也相信數據與創意能改變未來， 誠摯邀請你加入這個一起成長的團隊！ _____________________________________________________________________________________________ <工作內容> ※ 日常工作（Routine）： 1. 提供 IT 支援與疑難排解（PC、網路、作業系統、軟體） 2. 管理 IT 資產與設定（作業系統、應用程式、硬體） 3. 產品與系統運維（環境建置、部署、監控、告警排除） ※ 專案任務（Project-based）： 1. 建置與優化 CI/CD 流程（GitLab CI） 2. 推動資訊安全管理與稽核流程 3. 雲端與容器化基礎設施維運（VM / Docker / 虛擬機） ※ 橫向合作： 1. 協助開發團隊進行系統部署與自動化建置 2. 與管理層溝通，撰寫 IT 作業與安全政策文件 3. 擔任團隊內部的 IT 支援角色，提升整體運營效率 <必要條件> 1. 2 年以上 IT 支援或系統管理相關經驗 2. 擅長至少一種程式語言（Python 佳） 3. 熟悉網路連線與設備管理 4. 擅長流程化與自動化實作 5. 良好的團隊合作能力，能提供夥伴技術支持 <加分條件> 1. 具備雲端平台、容器架構（如 Docker）經驗 2. 熟悉監控與日誌系統（如 Prometheus、Grafana、EFK） 3. 熟悉 Git 與版本控制工具 4. 有 DevOps 相關工具實作經驗

Introduction to the job Do you like challenges and do you want to work in a fast pacing supply chain environment to support some of the biggest semiconductor companies worldwide? Are you familiar with Logistics Operations and like to managing urgent demands on a daily basis?  If this sounds like you and if you have a strong customer oriented mindset, here is your mission. Role and responsibilities For our Global Operations Center in Taiwan we are searching for Supply Chain Professionals. You fulfill the demand of our customers for spare parts and tools for their maintenance activities on some of the most complex machines in the right quantity and at the right time & cost. Time is of the essence to ensure a seamless production of our customers without interruptions on our machines. -Handling of urgent material requests from worldwide customers in a rolling 24/7 shift system with the right customer focus, while meeting all milestones related to communication and execution -Monitoring of worldwide shipments  -Ability to resolve complex issues and drive improvements to further optimize processes -Ability to support escalations and provide communication proposals for review -Constructive and reliable communication with worldwide stakeholders from all departments within ASML -This position requires shift work. Education and Experience Bachelor's Degree in related subject i.e. Supply Chain Management, Information Science, Engineering etc. preferred -Minimum 1 year of relevant experience in an international company, semiconductor industry is preferred -A tactical thinker with strong interpersonal and communication skills -Analytical thinking and ability to organize and prioritize workload Skills Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues.  There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems. To thrive in this job, you’ll need the following skills: -Stress-resistant; act under high pressure -Flexible; willing to go the extra mile for the customer -Excellent professional communication in English, written and oral -Drive for results; does not stop until solution has been found, even when obstacles arise -Team player -Change management competencies -Convincing, pro-active and “can do” mentality -Cultural awareness -Experience with ERP system(s), SAP R/3 knowledge preferred -Ability to prioritize Diversity and inclusion ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company. Need to know more about applying for a job at ASML? Read our frequently asked questions.

1. 尋找與評估安全測試工具 - 主動探索市場上成熟或新興的安全測試工具（開源 / 商用 / SaaS），進行功能評估、準確度/效能測試與風險評估。 2. 開發與維運自動化滲透測試工具 - 設計、開發與優化自動化掃描、驗證與 PoC 模組（XSS、SQLi、RCE、Command Injection、File Read、File Upload 等）。 3. 為客戶執行滲透測試服務 - 依授權範圍執行 Web / API / Mobile / Cloud 的滲透測試，結合自動化掃描與手動驗證。 4. 參與 CTF 比賽與技術研究 - 定期參與 CTF 比賽提升攻擊與防禦技巧。

Overview We are seeking a highly skilled DevOps Engineer with strong Azure expertise to design, build, and maintain CI/CD pipelines while ensuring the availability, security, and scalability of our cloud infrastructure. You will play a key role in enabling automation, improving deployment efficiency, and supporting the development team with reliable and secure Azure-based solutions. ________________________________________ Responsibilities • Design, implement, and maintain CI/CD pipelines (Azure DevOps, GitHub Actions, or equivalent). • Deploy, manage, and automate Azure resources (Azure App Service, AKS, Azure Functions, Cosmos DB, Key Vault, Azure Monitor, etc.). • Develop and maintain Infrastructure as Code (IaC) using Bicep or ARM. • Implement monitoring, alerting, and logging to ensure system reliability and observability. • Collaborate with development teams to improve deployment efficiency, version control, and environment consistency. • Strengthening cloud security and access management (RBAC, Managed Identity, Key Vault secrets management). • Monitor and optimize system performance, resource utilization, and cost efficiency. ________________________________________ Qualifications • Proven experience working with Microsoft Azure, including Azure DevOps, Resource Manager, Cosmos DB, and Container Service. • Strong understanding of CI/CD processes and automation tools. • Scripting/programming experience in Python, PowerShell, or Bash. • Hands-on experience with Infrastructure as Code tools (Bicep, ARM, Terraform, or Ansible). • Knowledge of containers. • Experience with monitoring, logging, and troubleshooting in the cloud (Azure Monitor, Application Insights, Log Analytics). • Proficiency with Git version control and branching strategies. • Strong problem-solving and communication skills, with the ability to collaborate across teams. ________________________________________ Nice to Have • Azure certifications such as AZ-104, AZ-400, or AZ-305. • Full Stack development (React.js, Python ...) • Basic Knowledge about AI (AI model, OpenAI API, RAG ...) • Experience with multi-cloud or hybrid cloud environments. • Familiarity with security best practices (Zero Trust, Security Compliance, etc.). • Experience with Site Reliability Engineering (SRE) principles.

招募台灣地區工程師 公司提供簽證的更新以及新規簽證。 可提供高度人才簽證(5年)額外加20分，提早取得永久居留權。 執行案件為一般商業、金融案件居多，會派至委託公司駐點或在宅。 【工作內容】 1.負責軟體之分析、設計以及程式撰寫。 2.規劃執行軟體架構及模組之設計，並控管軟體設計進度。 3.進行軟體之測試與修改。 4.規劃、執行與維護量產的產品。 5.協助研發軟體新技術與新工具。 【工作職缺】赴日IT軟體開發工程師(工作經驗三年以上) 【徵求條件】JAVA,ASP.NET,C#C,C++,Python,salesforce,SAP,PHP,IOS,Android,AWS,React.Ruby. （其中有一至兩項擅長的項目歡迎詢問） *無日文N1以上(可無檢定證書,但需聽說讀寫流利)請勿投遞履歷，國外遠端工作不可* 【工作地點】日本關東地區 【工作時間】9:00-18:00 中午休息1小時（依客戶現場為主） 【公司制度】1.提供雇用保險、健康保險、年金保險 2.完全週休2日、GW/夏休／年末年始連休 3.工作產生的交通費實報實銷 4.一年一度健康檢查

【工作內容】 1.審查並核可測試報告，確保內容完整、數據正確，並符合相關技術標準及認證規範。 2.對測試結論與資料承擔最終專業責任，確保報告具備可追溯性與法規符合性，同時維護文件品質與紀錄流程之正確性。 3.參與內部審查與持續培訓，支援實驗室品質系統之運作，並協助提出報告格式或流程改善建議，以提升報告的清晰度、專業性與一致性。 職務要求： 1. 熟悉 ISO/IEC 17025、CNS 17025 測試實驗室規範、運作及作業流程。 2. 熟悉本實驗室各項資安檢測作業。 3. 能完成上級交辦事項。 4. 具備 3 年以上資安相關工作經驗。 5. 持有行政院公告之資通安全專業證照清單內，兩張技術類型專業證照，或 管理類與技術類專業證照各一張。 6. 大專以上學歷。 【加分條件】 熟悉資安實務相關知識

1. 客戶需求訪談並製作做會議紀錄。 2. M365 帳號管理權限設定。 3. Azure AD 及 Exchange mail online建置設定及相關問題處理。 4. 了解基本資安及網路概念。 5. 熟悉M365 Exchange Online MailBox移轉相關的服務。 6. 使用者電腦端程式設定 7. 主管其他交辦事項。 其他條件： 1. 具備Azure雲概念及操作能力，熟悉微軟M365管理設定尤佳。 2. 具備Azure/M356相關證照尤佳。 3. 具備系統管理員經驗尤佳。 4. 具備獨立思考、學習新技術能力。 5. 願意學習Presale及PM服務能量。 6. 具備正向態度與良好溝通能力，能與M365和GWS團隊成員教學相長。 7. 配合公司政策及主管要求，彈性靈活支援專案。 8. 工作環境單純，同儕友善，能長期穩定工作者佳。

【About the role】 Hytech is seeking a forward-thinking Manager of Software Security Architecture to lead the strategy, development, and execution of a world-class application security program. This highly technical leadership role will define the vision for embedding security throughout the software development lifecycle (SDLC), including modern AI and machine learning platforms. The ideal candidate will have deep expertise in secure software development, application security engineering, CI/CD automation, and integrating security into traditional, cloud-native, and AI-enabled environments. You will lead a global team of security engineers, build scalable developer-focused security solutions, and shape security strategies across engineering, infrastructure, DevOps, and data science teams. What this job involves: [Program Ownership & Strategy]: 1. Own and advance the enterprise application security program, including vision, technical strategy, and execution. 2. Define and implement scalable, modern AppSec practices for cloud-native and AI-enabled development. 3. Represent application security in enterprise architecture, risk, and compliance initiatives. 4. Define KPIs to measure security posture and program effectiveness. [Leadership & Collaboration]: 1. Lead, mentor, and grow a global team of application security engineers and specialists. 2. Promote a proactive “shift-left” culture by embedding security throughout the SDLC. 3. Partner with development, DevOps, AI/ML, and product teams to integrate secure practices into software and data science workflows. 4. Build strong cross-functional relationships to drive security-first thinking and align investments with business value. [Security Tooling & Technical Implementation]: 1. Drive adoption and optimization of security tools (SAST, DAST, SCA, IAST, secrets scanning, etc.) in CI/CD workflows. 2. Design and deploy developer-friendly tools for threat modeling, code scanning, secrets detection, and dependency analysis. 3. Implement internal secure-by-default frameworks and reference architectures. [AI/ML Security]: 1. Collaborate with AI/ML teams to implement secure design patterns for model development, training pipelines, and service deployment. 2. Develop and enforce security controls for AI applications, including data integrity, robustness, governance, and prompt injection prevention. 3. Evaluate and integrate emerging tools for securing ML pipelines, generative AI models, and AI APIs. [Security Enablement, Education & Documentation]: 1. Build scalable security enablement programs, including secure coding workshops, bootcamps, and self-service resources/platforms. 2. Develop and maintain internal security documentation, policies, and standards. [Research & Continuous Improvement]: 1. Stay current on application security threats, AI security research, and best practices in cloud and software engineering.

該職位負責與台灣和全球團隊緊密合作，在網路上實施、監控和維護網路安全。 主要職責： · 在電信網路上部署和設定 NEDR 監控程式。 · 確保從網路到中央伺服器的資料傳輸安全可靠。 · 監控代理程式效能並排除部署或連線問題。 · 與跨職能團隊合作，確保符合安全標準。 · 在專案執行期間及時提供更新、文件和支援。 所需技能和經驗： · 3 年以上網路安全或電信基礎設施經驗。 · 具備網路監控工具或安全代理程式的實際操作經驗。 · 深入了解 TCP/IP、SNMP 和網路協定。 · 熟悉 Linux/Unix 環境和腳本（例如 Bash、Python）。 · 具備電信網路設備（例如路由器、交換器、基地台）的使用經驗。 · 良好的英語和國語溝通能力。 優先條件： · 擁有集中監控或 SIEM 工具使用經驗。 · 了解電信標準和法規遵循。 · 擁有電信業者環境相關經驗者優先。

【主要工作內容】 １.資訊安全相關專案執行 ２.維運及管理個人資料防護系統 ３.維運及管理帳號權限管理系統 ４.維運及管理資料庫稽核系統 ５.執行弱點掃描作業 ６.資訊安全事件分析與後續追蹤 ７.定期辦理資訊安全事件演練，如分散式阻斷服務攻防演練、模擬駭客攻擊演練、防範個資洩漏演練。 ８.辦理資訊安全通報作業 【Job description】 １.Executing information security projects ２.Maintaining and managing personal data protection system, DLP ３.Maintaining and managing user access permissions ４.Maintaining and managing database audit system ５.Performing the vulnerability scan ６.Information security incident analysis and follow-up ７.Regularly conducting the information security incident drill such as decentralized denial of service, DDOS, attack and defense 　 drill, simulated hacker attack drills and drills on preventing personal information leakage ８.Handling information security notification

1. 依據現有公司組織架構，修訂適合公司現況的內稽內控及管理辦法 2. 落實推行內稽內控相關規範，發現問題並提出解決方案與執行檢討 3. 配合券商輔導與會計師內部稽核作業，溝通協調公司內部資料 4. 擬定並執行年度稽核計畫、出具稽核報告 5. 制訂子公司內稽內控及相關管理辦法，並落實推行

※工作內容 1.OT資通安全顧問：主要協助客戶建立 OT (工業控制系統)資通安全等相關管理制度，以符合相關標準要求。 2.負責 OT 資通安全相關稽核或遵循性確認。 ※所需技能與特質 1. 具備良好溝通表達、情緒管理能力。 2. 須具備英文溝通能力。

【Why Join VicOne?】 At VicOne, you will be at the forefront of automotive cybersecurity. This is more than just a job – it’s an opportunity to help shape the security of modern vehicles on a global scale. You’ll work with a talented team of researchers and engineers who are enthusiastic about solving hard problems and sharing knowledge. We value continuous learning, personal initiative, and teamwork. As part of our Taiwan team, you will enjoy a collaborative work culture that encourages innovation and recognizes individual contributions. If you’re excited by the idea of working on cutting-edge automotive security challenges and making a tangible impact in a growing industry, we’d love to hear from you! 【Role Overview】 We seek a Cybersecurity Research Engineer to join our VicOne R&D team in Taiwan. In this role, you will focus on researching and developing advanced detection capabilities for automotive systems. You will analyze embedded software and firmware from vehicles, create signatures to identify vulnerabilities, and apply artificial intelligence to tackle complex reverse engineering challenges. This position offers a mix of hands-on technical research, creative problem-solving, and collaboration with a team of experts in automotive cybersecurity. If you are passionate about digging into low-level software, exploring new technologies, and securing next-generation vehicles, this role is for you. 【Key Responsibilities】 Open-Source and Non-Open-Source Software Analysis: Analyze various software packages and create pattern signatures to enable our vulnerability scanning engine to detect these components in automotive firmware images. - Operating System Research: Investigate a broad range of operating systems (e.g., Linux distributions, Android Automotive, QNX, real-time OSes) and develop recognition patterns that identify software packages and components from these OSes in automotive firmware. - AI-Powered Problem Solving: Apply artificial intelligence and machine learning techniques to solve complex cybersecurity and reverse engineering challenges. Use AI-driven approaches to improve pattern recognition, anomaly detection, or automation in the firmware analysis process. - Automotive Stack Investigation: Research software stacks, frameworks, and components commonly used in automotive ECU (Electronic Control Unit) development (such as infotainment systems, telematics, AUTOSAR components, communication protocols, etc.). Leverage this knowledge to enhance our scanning engine’s ability to recognize and assess those components in firmware. - Innovative Threat Research: Tackle novel and undefined challenges in the automotive cybersecurity through independent research and innovation. Experiment with new methods to analyze firmware, discover vulnerabilities, and contribute findings that shape our product’s capabilities. - Tool Development & Automation: Write and maintain Python tools and scripts to automate the above tasks. Develop supporting utilities for firmware unpacking, data parsing, pattern generation, and other research needs to streamline our vulnerability scanning and analysis workflow. - Be open, be self-motivated and be a happy engineer

This is a full-time role located in the Greater Sydney Area. The Marketing Executive will support QNAP’s brand localization and marketing execution across Australia and New Zealand. This role is responsible for coordinating local campaigns, managing digital presence, and enabling partner marketing activities. It serves as a critical bridge between global strategy and local execution, helping QNAP grow visibility and engagement in the ANZ region. 【Key Responsibilities】 1. Campaign & Event Coordination －Assist in planning and executing local marketing campaigns, exhibitions, and QNAP World Tour events. －Coordinate logistics, vendor communication, and on-site support for partner-led activities. －Track campaign performance and compile post-event reports. 2. Digital & Social Media Management －Manage QNAP ANZ's social media accounts (LinkedIn, Instagram, etc.). －Support paid media execution and performance tracking. －Maintain localized content calendar and ensure brand consistency. 3. Content Localization & Collateral Development －Adapt HQ materials into ANZ-relevant formats (solution briefs, datasheets, pitch decks). －Create localized battle cards and technical sales assets for partner enablement. －Support translation and formatting of product launch materials. 4. Partner Marketing Support －Assist channel partners with co-branded campaigns, EDMs, and promotional assets. －Coordinate MDF (Marketing Development Fund) usage and reporting. －Maintain partner marketing toolkit and update regularly. 5. Reporting & Coordination －Compile monthly marketing performance reports (traffic, engagement, campaign ROI). －Liaise with HQ marketing team to align on GTM timelines and product messaging. －Support CRM/marketing automation integration and lead tracking. *Note: The overseas assignment benefits differ from those provided by the headquarters.

About the role: As a Senior GRC Officer, you will play a critical role in strengthening the organization’s cybersecurity governance and supporting the broader Governance, Risk & Compliance (GRC) program. Partnering with IT, HR, and business teams, you will drive initiatives that enhance security awareness and reinforce compliance across the group. You will collaborate with internal stakeholders and translate complex security concepts into clear, actionable guidance aligned with leading frameworks, including: - ISO/IEC 27001 - NIST Cybersecurity Framework (CSF) & SP 800 series - PCI-DSS (身為資訊安全風險資深管理師，您將在強化本組織的資安治理及推動更廣泛的治理、風險與合規（GRC）計劃中發揮關鍵作用。您將與 IT、HR 及業務團隊合作，推動提升資安意識及強化集團合規的各項行動。同時，您將與內部利害關係人合作，將複雜的資安概念轉化為清晰且可執行的指引，並確保與主要框架保持一致，包括：ISO/IEC 27001, NIST 網路安全框架(CSF)與 SP 800 系列及PCI-DSS)) What this job involves: [Assess & Benchmark]: 1. Perform cyber-risk and control-maturity assessments using frameworks such as NIST CSF, ISO 27001, Essential Eight, and proprietary models. (依據 NIST CSF、ISO 27001、Essential Eight 及內部專有模型，執行資安風險與控制成熟度評估) 2. Translate technical findings into executive-level insights and actionable roadmaps. (將技術發現轉化為高階管理層能理解的見解與可行的行動計劃) [Programme Design & Delivery]: 1. Design and implement cyber-risk programs, including risk registers, treatment plans, and dashboards. (設計並導入資安風險計劃，包括風險登錄表、處理計劃與儀表板) 2. Develop policies, standards, and procedures that ensure compliance and are practical for engineers to adopt. (制定符合合規要求且工程團隊能實際落實的政策、標準與程序) [Governance & Compliance]: 1. Own the GRC framework and policy suite; embed the “three lines of defence” model. (主導 GRC 框架與政策體系；落實「三道防線」模型) 2. Guide stakeholders through audits and regulatory reviews (e.g., APRA CPS 234, SOC 2). (引導利害關係人通過稽核與法規審查（如 APRA CPS 234、SOC 2)) 3. Monitor regulatory changes and advise the business on impacts within 30 days. (監控法規變化，並於 30 日內向業務部門提供影響評估與建議) [Strategic Advisory]: 1. Develop rolling multi-year cybersecurity and risk strategies aligned with corporate OKRs. (制定與公司 OKRs 相符的多年度資安與風險策略) 2. Present risk posture, KPI/KRI trends, and investment options to boards and regulators. (向董事會及監管機構呈報風險現況、KPI/KRI 趨勢及投資選項) [Leadership & Coaching]: 1. Mentor junior GRC analysts and upskill cross-functional teams on secure-by-design and offensive-security practices. (指導初階 GRC 分析師，並提升跨部門團隊在安全設計及攻擊性安全實務上的能力) 2. Foster a culture of continuous improvement and measurable risk reduction. (培養持續改進與可衡量風險降低的文化)

【職務說明】 1. 此職務徵求有實際執行ISO27001(資訊安全管理系統)經驗者。 註：具備ISO27001:2022 LA證照者。 【職務內容】 1協助導入 ISO 27001:2022 資訊安全管理系統 (ISMS) 將公司內部資安規範與程序書，轉化為可執行的作業流程、表單與稽核證據。 與 IT、開發、法遵等部門協作，推動資安政策落地，並進行合規性檢視。 協助應對內、外部稽核，並追蹤改善事項。 2執行資安維運 (Security Operations) 執行或協調定期的弱點掃描與滲透測試，並追蹤漏洞修補進度。 分析資安系統日誌 (Log)，進行異常事件的初步調查與通報。 參與規劃與執行資安教育訓練。 【條件與技能 (Requirements & Skills)】 必要條件： 1具備實際參與或協助導入 ISO 27001 管理制度的經驗，而不僅是持有證照。 2熟悉網路與系統管理 (如 Windows Server, 防火牆)，並具備基礎故障排除能力。 3具備日誌 (Log) 分析或 SIEM 工具使用經驗，能從中識別異常行為。 加分條件： 1持有 ISO 27001 、27701、或其他相關資安證照者。 2具備任一種腳本語言能力 (如 Powershell, Python)，能協助自動化維運或安全任務。 3有在金融科技 (FinTech) 或 VASP 相關產業工作的經驗。 4熟悉雲端平台（如 GCP/Azure）的基礎安全設定與管理。 5了解並使用過 AI 工具（如 ChatGPT）以提升工作效率。

建立並維護賽鴿GPS產品開發的品質保證體系，確保從設計到量產的每個階段都符合品質標準，並持續改善開發流程。 工作內容 1.品質體系建立：制定產品開發各階段的品質標準和檢核點 2.測試流程設計：建立標準化的測試流程和測試案例庫 3.測試執行管理：規劃和執行SW、FW、HW的各項測試活動 4.缺陷管理：建立缺陷追蹤系統，管理問題從發現到解決的完整流程 5.品質指標監控：建立品質儀表板，追蹤各項品質指標 6.供應商品質管理：協助管理外包廠商的交付品質 7.流程持續改善：分析品質數據，提出流程改善建議 8.測試環境維護：建立和維護測試實驗室環境 具備技能 1. 具備專案管理經驗 2. 熟悉品質管理系統（如ISO 9001） 3.了解軟體開發生命週期 4.熟悉測試方法論和測試工具 5.具備統計分析能力 6.了解硬體製程和品質控制 7.熟練使用測試管理工具（如Jira、TestRail） 8.具備資料分析能力（Excel、SQL等） 9.基礎自動化測試概念

※ Objectives & Responsibilities: The position is under the BV Cyber Security Service line. This position will need to perform hands-on security testing, write the testing report, and create testing cases. The devices under testing will be products with network connectivity (IoT/OT). This role provides the opportunity to work with a variety of smart products and technologies, offering valuable experience in the dynamic field of cybersecurity. You will be involved in testing and securing these devices using established best practices and security standards, ensuring a structured and reliable approach to cybersecurity. ※ Skills and Requirements: 1. Interest in studying and familiarity with Security Standards (e.g., IEC/EN/ETSI/ISO, etc.). 2. Interest in learning how to make computer systems, software, and networks work securely, and in designing and reviewing processes for developing and maintaining a secure environment. 3. Interest in learning and familiarity with Cybersecurity Testing tools (Wireshark, Nessus, Nmap, etc.). 4. High motivation for continuous learning. 5. Being a team player is a MUST.

【工作內容】 1.帶領藍隊團隊執行企業資安防禦與事件應變，確保資訊資產安全。 2.規劃並維護資安防禦策略、標準作業流程（SOP）及事件應變計畫。 3.主導資安監控（SOC）作業，進行事件分析、調查、回應與復原。 4.規劃與導入威脅偵測、防禦及弱點修補相關工具與流程。 5.監督與分析各類資安日誌、入侵偵測及異常行為警示。 6.定期進行資安風險評估與稽核，並與紅隊協作提升防禦能力。 7.培訓及管理團隊成員，持續提升資安防禦與應變能力。 8.跨部門合作（IT、法務、稽核等），確保符合法規與公司政策（如 ISO 27001、ISO 27017、ISO 42001）。 9.定期向管理階層報告資安狀況並進行溝通。 10.熟悉 ELK 或相關 Syslog server 架構者佳。 【資格條件】 資訊工程、資訊安全相關科系畢業，或具同等專業能力。 具 3 年以上資安相關工作經驗。 熟悉網路安全、端點防護及事件偵測與應變（如 EDR、SIEM、IDS/IPS）。 了解國際資安標準與法規（如 ISO 27001、NIST、GDPR）。 具備威脅情報分析與資安事件調查能力。 具良好溝通協調及專案管理能力。

工作內容 主要負責企業內IT專案規劃與運維管理相關事項，包含： 1.企業機房與網路設備之建置維護與管理 2.基礎系統維護與管理(包含AD、DNS、DHCP、MAIL、SPAM、VPN、視訊系統、防毒軟體、VM、CTI系統…) 3.虛擬平臺建置維護與管理 4.資訊安全的建置評估與應用 5.備份備援架構規劃與管理 6.資訊設備採購建置，排除辦公電腦日常故障 7.具備專案規劃與執行管理的實務經驗 8.IT運維相關軟硬體建置、維護與監控 9.規劃、維運雲端虛擬化技術平臺，並協助轉移現有系統至雲端平臺 10.評估、導入開源技術或新資訊科技應用 11.主管交辦事項

【工作內容】 1. 全面領導實驗室運作，確保測試活動符合 ISO/IEC 17025 認證標準與 TAF 認可要求。 2. 建立並維運品質管理系統，監控測試流程，並管理人員與設備。 3. 規劃並執行風險管理與持續改善機制，確保實驗室運作穩健且合規。 4. 擔任對外溝通窗口，負責稽核應對、客戶需求及文件管理。 5. 規劃與推動內部教育訓練及管理評審，持續提升團隊專業能力。 6. 完成上級交辦事項。 7. 負責品質手冊之行政管理事宜，包括： * 內部稽核之規劃與執行 * 稽核缺失矯正及追蹤 * 管理審查之規劃與結果追蹤管理 8. 指派並管理報告簽署人，確保其理解檢驗方法與程序，落實報告簽署職責，並對檢驗報告之有效性負最終責任。 9.主管交辦事項 【職務要求】 1. 熟悉 ISO/IEC 17025 / CNS 17025 測試實驗室規範與作業流程。 2. 熟悉資安測試流程、工具與方法。 3. 具 2 年以上管理經驗。 4. 具 ISO/IEC 17025 / CNS 17025 相關訓練證明。 【加分條件】 1. 具資安相關專業證照。 2. 熟悉本實驗室之測試項目。