Strive for lofty goals

My Journey in Cybersecurity

M

I’ve been interested in Hackers since childhood because they can give an ordinary person superpowers, just like Elliot in Mr. Robot and Neo in The Matrix.

When I was little, a company owed my family’s factory money, so my dad took their computer home as collateral. I clearly remember that, since we didn’t have broadband, I saved up money to buy a USB wireless network card from a computer store, put my mom’s SIM card in it, and used it to get online, spending several hundred on phone bills. It was from that computer with the bulky CRT screen that I started experimenting.

At first, I was addicted to games and began using cheats to hack them. I then tried to develop other game cheats using E-Yu language, and later learned Visual Basic. Once I gained development skills, I started writing remote control software to prank my friends. I also began self-studying various hacking techniques, gradually stepping into cybersecurity.

But my journey as a hacker hasn’t been smooth sailing. When I first started working, there were few job opportunities in cybersecurity. At that time, I was a software development engineer, while spending all my free time exploring cybersecurity. I learned various exploitation techniques on vulnerability platforms like WooYun and others. My programming skills set me apart from other hackers at the time, allowing me to better understand the exploitation, discovery, and patching of vulnerabilities. I also developed automated exploitation tools to discover vulnerabilities in bulk. This helped me advance ten pages in the WooYun platform ranking in just ten days, and I once gained control over many top-tier internet companies in China.

At the same time, during my time as a programmer, I began developing security products to support business needs, leveraging my understanding of security. These included browser-based ActiveX security controls using digital certificates, real-name authentication systems, and jump servers. Later, I became the company’s first security engineer, marking the beginning of my journey in cybersecurity.

During my time as a full-time cybersecurity engineer, I had two long-term work experiences, both involving the e-commerce, banking, and payment industries. These experiences were part of a progressive security development process.

During the first five years, I witnessed the complete security development process of an internet e-commerce company, from a startup to a NASDAQ-listed company. I progressed from being the first security engineer to becoming the head of security.

During the second five years, I worked with MyBank (Ant Group) as an architect, and second-in-command, I was involved from the ground up in building the bank’s financial-grade security team and system. I was deeply involved in the construction of multiple security areas for digital banking, leading efforts in application security, mobile security, infrastructure security, threat intelligence, incident response, and security product development teams. This has laid a solid foundation for establishing financial-grade security.

I’m currently part of the security team at Alipay (Ant Group), which has a complex and massive financial technology business with sensitive data of billions of users and trillions of transactions. As a result, there are inherently high demands for network security. The company invests hundreds of millions of RMB annually in cybersecurity and has experts in various specialized fields. Alipay offers competitive salary packages, ranging from several hundred thousand RMB for campus recruits to several million RMB for experienced hires, with smooth career advancement opportunities.

Here, we are dedicated to building a world-class security system, creating security concepts, practices, products, and vulnerabilities that benefit the industry. If you are passionate about making a difference in the security industry, we invite you to join us!

Strive for lofty goals
Loading