宇树科技产品安全架构工程师(J10095)
社招全职地点:杭州状态:招聘
任职要求
1. 精通TCP/IP网络协议及常见的密码学技术; 2. 熟悉Wi-Fi、NFC、BLE、Zigbee等无线通信协议,具备对其开展安全分析与调试的能力;具备RTOS、Android及Linux系统层面的安全经验,拥有一定的逆向分析能力,熟练使用常见逆向开发软件等二进制分析工具; 3. 具备嵌入式系统的代码审计与漏洞挖掘能力,深入掌握常见二进制漏洞的原理、危害、利用方式及相关修复方案; 4. 理解IoT设备中硬件、云端与App三端之间的交互机制,熟悉相关的安全认证与加密传输方案,并具有实际的漏洞分析或挖掘经验; 5. 具备嵌入式系统及智能硬件设备的安全架构设计,从硬件、软件、云端等全栈角度构建安全防护体系。 6. 掌握智能硬件设备固件的提取与逆向分析方法; 7. 能够独立开发基础的安全测试工具以支持安全研究与测试工作; 8. 学习能力强,乐于接受挑战,具备钻研精神,同时拥有良好的沟通协作能力与团队意识,善于独立思考并不断总结提升自身能力。
工作职责
1. 负责宇树机器人产品的安全,挖掘安全风险,向业务方输出具体解决方案; 2. 负责机器人场景的安全需求评审和技术方案安全评审。
包括英文材料
TCP/IP+
[英文] What is TCP/IP?
https://www.techtarget.com/searchnetworking/definition/TCP-IP
TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a suite of communication protocols used to interconnect network devices on the internet.
RTOS+
[英文] RTOS Fundamentals
https://www.freertos.org/Documentation/01-FreeRTOS-quick-start/01-Beginners-guide/01-RTOS-fundamentals
A Real-Time Operating System (RTOS) is a type of computer operating system designed to be small and deterministic.
Android+
https://roadmap.sh/android
Step by step guide to becoming an Android developer .
https://www.youtube.com/playlist?list=PLQkwcJG4YTCSVDhww92llY3CAnc_vUhsm
Linux+
https://ryanstutorials.net/linuxtutorial/
Ok, so you want to learn how to use the Bash command line interface (terminal) on Unix/Linux.
https://ubuntu.com/tutorials/command-line-for-beginners
The Linux command line is a text interface to your computer.
https://www.youtube.com/watch?v=6WatcfENsOU
In this Linux crash course, you will learn the fundamental skills and tools you need to become a proficient Linux system administrator.
https://www.youtube.com/watch?v=v392lEyM29A
Never fear the command line again, make it fear you.
https://www.youtube.com/watch?v=ZtqBQ68cfJc
IOT+
https://microsoft.github.io/IoT-For-Beginners/#/
Azure Cloud Advocates at Microsoft are pleased to offer a 12-week, 24-lesson curriculum all about IoT basics.
https://www.ibm.com/think/topics/internet-of-things
The Internet of Things (IoT) refers to a network of physical devices, vehicles, appliances, and other physical objects that are embedded with sensors, software, and network connectivity, allowing them to collect and share data.
https://www.youtube.com/watch?v=1KVrBjSqS5s
The term 'Internet of Things' was coined by Kevin Ashton in 1999 to refer to connecting the Internet to the physical world via sensors.
系统设计+
https://roadmap.sh/system-design
Everything you need to know about designing large scale systems.
https://www.youtube.com/watch?v=F2FmTdLtb_4
This complete system design tutorial covers scalability, reliability, data handling, and high-level architecture with clear explanations, real-world examples, and practical strategies.
安全防护+
https://roadmap.sh/cyber-security
Step by step guide to becoming a Cyber Security Expert
https://www.w3schools.com/cybersecurity/
This course serves as an excellent primer to the many different domains of Cyber security.
相关职位
社招5年以上程序&技术类
1、主导公司内部效能系统(IM、文档系统、IAM系统、外采系统等) 安全架构评估、威胁建模与加固方案的设计与落地实施; 2、构建与持续优化内部效能系统的安全风控体系,包括策略制定、规则开发、监控告警及应急响应机制; 3、制定与推行效能系统相关的产品安全规范与标准,重点管控AI等新技术引入效能平台带来的新型安全风险; 4、深度参与效能系统生命周期(设计、开发、部署、运维),主导安全Code Review (Golang), 并提供可落地的安全改进建议; 5、有效推动研发、产品、运维等跨部门协作,确保安全需求在效能系统迭代中清晰传达、有效落地并按时交付。
校招A154958A
团队介绍:字节跳动安全与风控-Flow部门,负责Flow业务中大模型和生成式AI应用如豆包、Cici、扣子等的安全保障工作。团队为业务面临的数据安全、用户隐私挑战、新兴大模型攻击方式等安全隐患提供创新的防御能力和解决方案,我们在北京、杭州、深圳、圣何塞均设有安全研发中心,团队和业务正处于快速发展期,成长空间大,欢迎各位同学加入。 1、负责硬件及系统相关漏洞挖掘及安全设计; 2、对系统风险进行威胁建模,与研发团队一起设计安全方案,落地行业安全最佳实践; 3、不断提升硬件产品安全设计及安全水位,通过优秀设计及安全质量助力业务赢得用户及社会信任。
更新于 2025-07-29