# 資訊科技產業專案設計課程作業 3 [ATS Resume](https://docs.google.com/document/d/1EdrpZ11u9dMInmnQD66SkOw8z09JSrLSHjW-gh09WVw/edit?usp=sharing) [ATS Resume Template](https://docs.google.com/document/d/1tbnWMFkKT0c4Mh_IKhrobi_yK8qtjL6vkCgvXWCIKI0/edit) ## 自身興趣/規劃的職務描述 ### Microsoft (Cyber security) #### [1. Support Escalation Engineer(TW)](https://careers.microsoft.com/us/en/job/1047877/Support-Escalation-Engineer-Security) **Required Experience** * Minimum 5+ years experience in Network Security Engineering or consulting, and/or Systems Administration with focus on security (this should include experience with endpoint security, server security and threat analytics) * Minimum 3+ years customer facing support experience * Minimum 3+ years of Windows Server, Windows Client, Active Directory and/or Azure Active Directory administration * Minimum 1+ years of cloud experience with any of the major cloud providers, including cloud security, networking, and migration of multi-cloud or hybrid deployments * Experience supporting large and complex geographically distributed enterprise environments with 1000+ users **Preferred Experience** * Experience in Linux and/or Mac administration * Automation (PowerShell and/or Python, Java, or a similar language, can be a beginner to intermediate level). **Soft Skills** * Demonstrated experience learning new technologies * Strong collaborative skills and extensive cross-group coordination skills * Proven customer service skills supporting external and/or internal customers in an enterprise environment * Great phone presence and documentation abilities. Excellent executive communication and crisis management skills * Excellent documentation skills and ability to translate complex technical processes into simple to follow written guides * Previous experience working in a large, complex, highly matrixed global organization preferred * Ability to work in a high pace environment with many competing priorities and randomization **Education** * Preferred Bachelor’s degree or higher in a technical field, or relevant work experience * Preferred IT Industry certifications (Microsoft Certifications On-Prem or Cloud, Cisco, CISSP, CEH, Amazon AWS, etc.) #### [2. Security Engineering: Intern Opportunities for University Students(US)](https://careers.microsoft.com/students/us/en/job/1458163/Security-Engineering-Intern-Opportunities-for-University-Students) **Responsibilities** This job posting includes the following 4 disciplines: Penetration Testing * Identify problems and vulnerabilities through application of engineering to dynamically penetrate software / hardware / human systems * Result in security bug discovery, exploit and suggest security controls and mitigations in response to security flaws * Develop and implement pen testing strategy and apply expertise to engineer solutions * Influence mitigations for current and future products and solutions Security Operations Engineering * Execute security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems * Research attempted or successful efforts to compromise systems security and determine next steps, including potential escalations * Develop and implement automation of security process and procedure where possible, and translate security policy into effective controls * Respond to security incidents, conduct threat intelligence and analysis, and use data analytics to drive security decisions * Conduct and support red/purple team operations or improve security posture * Maintain hardware, software, and network firewalls and encryption protocols * Administers security policies to control access to systems Security Assurance * Analyze, engineer solutions, and mitigate security issues through the design, policy, threat modeling, assurance program design, education, thought leadership and facilitation around secure software development and operational security assurance * Support operational security and security incidents as well as security reviews and reporting * Plan and support research into security issues and partner across security disciplines to address issues Security Research * Design and conduct security research including malware analysis, threat and vulnerability analysis, adversary tracking, threat intelligence, detection & remediation development and other technology application focuses related to the understanding of the threat landscape with intent to disrupt adversaries or provide protection via defensive products and services * Generate solutions including first party mitigation and work closely with customers and partners; support operational security and security incidents as well as security reviews and reporting * Demonstrate industry leadership through subject matter expertise and contributing to thought leadership and advancement **Qualifications** * Pursuing a Bachelor's or Master’s Degree in Statistics, Mathematics, Computer Science or related field. * Experience in software development lifecycle, identifying security vulnerabilities, large-scale computing, modeling, cyber security, and/or anomaly detection * Must have at least one additional quarter/semester of school remaining following the completion of the internship. #### 能力符合度分析 資安工程師方面的職缺大概有: * 甲方企業端進行企業內的資安維護的工程師，這種通常對linux/windows os有一定熟悉度、懂資料ETL、懂IT稽核核規、知道如何架web service或是懂資安domain knowledge，如基礎的OWASP top 10攻擊等，通常應該就會很有機會。 * 乙方資安軟體的開發類的工程師，或是協助公司符合稽核規定的滲透測試執行工程師、提供資安企業相關教育課程(前者如趨勢、奧義智慧以及後者如TeamT5、DEVCORE和數聯資安等)，這一類底子就要比較深厚，要有接近白帽駭客的功力並對工具及網路很熟悉。 第一個正職職缺是過去我真的有面試過的，沒有面到最後一關管理階層關，可惜當初沒有寄信去詢問被刷掉的原因。 如果單從職缺描述及需求來看，除了資歷不夠的這部分以及像是CEH、CISSP等常見資安證照還沒考之外。其他在像是與客戶溝通、linux及automation with script的部分都有經驗。 猜測當初被刷掉的原因可能是英文口說不夠流暢，或是他們覺得我在資安domain knowledge的經驗還沒達到他們的要求。 第二個實習職缺是目前Microsoft open的職缺，最大的困難點應是非美國大學及需要onsite。不過如撇開此限制單看技術層面的匹配度，唯一能貢獻的可能只有第三點資安事件調查的部分，因為過去有參與過企業內真實被駭客攻擊後的調查與排除的過程。 其他部分如第一點的滲透測試，我對像是kali linux上的tool的使用上還不夠熟悉可能還需要去惡補；在資安上面對攻擊或發現漏洞時如何去mitigate來降低危害這部分的經驗也仍缺乏；也沒有參與過紅藍隊演練。這些部分的缺乏可能會需要花一些時間好好準備去申請才會有比較好的機會。 --- ### Tesla (Autopilot & Robotics) #### [1. Deep Learning Performance Engineer, Autonomy Software(US)](https://www.tesla.com/zh_TW/careers/search/job/deep-learning-performance-engineer-autonomy-software-160408) **任職要求** * Bringing down wall clock time of our training jobs through identify bottlenecks in the ML stack, from data-loading up to the GPU. * Profile our workloads and implement solutions to increase training efficiency. * Optimizing for efficient hardware utilization (e.g. CPU and GPU compute, data throughput, networking). **職責描述** * Experience programming in Python. * Experience with at least one deep learning framework (ideally in PyTorch). * Demonstrated experience in profiling CPU/GPU code. * Proficient in system-level software, in particular hardware-software interactions and resource utilization. * Optional: Experience with high-performance networking (e.g. Infiniband, RDMA, NCCL). * Optional: Experience programming in C/C++ and CUDA. #### [2. Full Stack Engineer, Autopilot Validation(US)](https://www.tesla.com/zh_TW/careers/search/job/full-stack-engineer-autopilot-validation-145492) **任職要求** * Create, maintain and expand internal tools for validation of Autopilot vehicle behavior. * Work with controls, perception, and vision engineers on visualization tools tailored to their workflows. * Debug issues with our live system, identify the root causes, and fix them. **職責描述** * BS in Computer Science, Physics, Computer Engineering, Electrical Engineering or proof of exceptional skills in related fields, with practical software engineering experience. (Hiring all levels: new grad, senior, staff). * Strong Python & JavaScript (React) coding skills. * Experience with web frameworks such as Flask or Django. * Knowledge of ORMs (Object-Relational Mapping) like Sqlalchemy, Postgres, AWS. * Excellent interpersonal, communication, and collaboration skills. #### [3. Autopilot Foundations Internship C/C++(US)](https://www.tesla.com/zh_TW/careers/search/job/autopilot-foundations-internship-c-c-145096) **任職要求** * Write, debug and maintain robust C/C++ software to the entire Autopilot and Humanoid robot software stack; depending on needs and your interests/skills. * Interns may work on code related to our high-frame rate Camera & Vision stack, write GPU kernels, design and implement low memory footprint image compression libraries, implement high-performance inter-process communication data buffers, improve/extend our image & raw data logging/telemetry code, or make our evaluation/replay software more stable and performant. * Optimize hardware resources usage, leverage custom hardware components where appropriate. * Advocate for best coding practices amongst the group, build tools helping engineers to write better code (for instance, performance/memory tracking). * Generalize software frameworks when necessary while keeping in mind that too much abstraction can sometimes become a bottleneck. **職責描述** * Currently working towards a BS, MS, or advanced degree in a relevant engineering program such as Computer Science, Computer Engineering, or Electrical Engineering. * Must be graduating within 6 months of completing the internship and eligible to convert to full-time. * Experience programming in C/C++, modern C/C++ (C++14/17/20) is a huge plus. * Experience or familiarity with Computer Vision, Machine Learning & related software concepts is a plus. * Experience with performant software design, object-oriented C++, compiler design and/or hardcore lower-level C code a plus, but preferred. * Proficient developing software on a Linux host, for embedded Linux targets (cross-compilation, etc.) is a plus. * Experience with at least one of the following is a plus: imaging software, Cuda/OpenCL, SIMD, multithreading, Linux system software (posix etc.), & computer vision. #### [4. Full Stack Engineer, Autopilot AI Tooling Internship(US)](https://www.tesla.com/zh_TW/careers/search/job/full-stack-engineer-autopilot-ai-tooling-internship-152104) **任職要求** * Improve and maintain the frontends and backends of our Autopilot tools. * Work with controls, planning, and machine learning engineers to build tooling tailored to their workflows. * Debug issues with our live system, identify the root causes, and fix them. * Build metrics and monitor performance + reliability of our systems. **職責描述** * BS in Computer Science, Physics, Computer Engineering, Electrical Engineering or proof of exceptional skills in related fields or practical software engineering experience. * Strong knowledge of JavaScript and Python. * Experience with data visualization in Python. * Experience building modern web applications using React (Three.js nice to have). * Experience with AWS services (nice to have). * Excellent interpersonal, communication, and collaboration skills. #### 能力符合度分析 選擇這項是因為自己的研究就是自走車有關的CV及robotics SLAM，希望了解一下自己與這樣相關的職缺的距離還有多遠。那同樣也是撇除掉這些職缺都在美國帶來的限制。(因為台灣Tesla沒有Autopilot & Robotics相關的職缺QQ) 彙整一下上面找的兩個正職、兩個實習所需要的技能，有像是: * 如何使用GPU來加速訓練 * 優化模型訓練時的效率 * 硬體整合優化 * Pytorch * C/C++ * high-performance networking (e.g. Infiniband, RDMA, NCCL) * System maintenance * 會用visualization tools * Flask/Django * Object-Relational Mapping * write GPU kernels * code performance/memory tracking * CV跟ML及相關的軟體使用 * 在embedded linux上開發軟體 * Cuda/OpenCL, SIMD, multithreading * data visualization in Python * web React framework(Three.js) * AWS使用經驗 再進一步濃縮大概是: 1. GPU使用、分析及優化 2. Python AI/Web/資料處理及視覺化 3. Linux 4. Computer vision經驗與工具使用 5. web開發 6. 雲端平台使用經驗 以上六點中目前自身能力缺乏最多的就是第一項，而這一項也包辦了我比較希望自己將來能apply的職缺1和3，因為主觀的認為這個會是薪情較好、也較難取代同時MAAMA中任一家都會需要的才能。 不過如果是目前這個當下要去apply看看的話，2跟4(特別是4)應都有機會。 --- ### AI related Engineer/Data Engineer #### [1. Intel - AI Software Platform Intern(CN)](https://jobs.intel.com/en/job/shanghai/ai-software-platform-intern/41147/39082076512) **Qualifications** * Bachelor, Master, or PhD degree in Computer Science or similar technical discipline (or equivalent)- A solid foundation in computer science, with strong competencies in computer system internals, data structures, algorithms, and software design * Experience with machine learning and deep learning technologies is a plus * Experience with large-scale, distributed data processing frameworks (e.g., Spark, Kafka, Flink, YARN, K8s, etc.) is a plus * Fluency in English (reading and writing) #### [2. Ebay - AI Platform Intern(CN)](https://jobs.ebayinc.com/us/en/job/EBAEBAUSR0057423EXTERNALENUS/AI-Platform-Intern?utm_source=linkedin&utm_medium=phenom-feeds) **Primary Job Responsibilities** * Machine learning feature store development * Investigate and POC on some industry technology solution * Help document management * Try to innovate in the technology area and bring new thoughts to the team. **Basic Qualifications** * Technological enthusiasm and high responsibility * Familiar with at least one of programming language: Java/Scala/Kotlin/Python * Familiar with big data (Spark, Hadoop, HBase etc.) is a plus * Familiar with backend service (Java/Kotlin) is a plus * Team player and English communication skill #### [3. Qualcomm - AI Software Platform Engineer (2023 New Grads)(TW)](https://qualcomm.wd5.myworkdayjobs.com/zh-CN/External/job/Hsinchu-City-TWN/AI-Software-Platform-Engineer--2023-New-Grads-_3045130-1?source=APPLICANT_SOURCE-6-2) **Minimum Qualifications** * Master's degree in Computer Science, Electrical Engineering, or related field. * Software development experience in one or more general purpose programming languages o such as: C/C++, Java or Python. * Experience in the field of software engineering (i.e. working with data structures, algorithms, software design).. * Good experience with Programming Language such as C, C++, Java, Python etc. * Experience in large-scale software project. * Ability to speak and write in English fluently. **Preferred Qualifications** * MS or PhD degree in Computer Science, Electrical Engineering, related technical field or equivalent practical experience, specializing in machine learning, computer architecture, operating system, compilers, or hardware-software codesign. * Experience in machine learning software stack and hardware architecture. * Experience in programming domain-specific accelerators, including DSP, GPU etc. * Experience in compiler design and implementation, image/video/speech algorithms and software/hardware implementation techniques. * Experience in Unix, Android or Linux operating system, framework, application and development environment. * Enthusiasm in machine learning technology. Hand-on experience in design/implementation of deep learning networks via modern frameworks, including TensorFlow, Pytorch, etc. * Ability to quickly learn new technologies and work on resolving customer reported technical problems during mobile or wireless communication product development cycles. * Excellent analytical, problem solving and Communication skills and willingness to work with customers **Minimum Qualifications** * Bachelor's degree in Computer Science, Engineering, Information Systems, or related field. #### [4. MediaTek - ML/AI-based video coding technology researcher(contractor/Intern)(TW)](https://nvidia.wd5.myworkdayjobs.com/en-US/NVIDIAExternalCareerSite/job/Software-Automation-Test-Development-Engineer--RDSS-Intern-_JR1963439) **Requirement** * Familiar with tranditional video/image coding * Familiar with related ML/AI background knowledge * Familiar with DL platform/script to develop the related technology * Familiar with C/C++ #### [5. Proton - Machine Learning Engineer (MSA)(TW Remote)](https://careers.proton.me/o/machine-learning-engineer-msa) **Requirement** * Deep experience in machine learning, pattern recognition, signal processing, data mining, or information retrieval * Deep experience with running ML in production * Strong software engineering skills (Python) * Solid knowledge of statistics * Excellent English communications, both written and spoken #### [6. Coda Payment - Senior/Staff Data Engineer(TW)](https://jobs.lever.co/codapayments/8871d456-7fef-40dc-9034-e94811313c9a?lever-origin=applied&lever-source%5B%5D=linkedin+paid&lever-source=LinkedInJobs) **Responsibilities** * Building and maintaining high-performance data systems that enable deeper insights for all parts of our organization. * Developing ETL/ELT pipelines for both batch and streaming data * Designing data flow for real-time, analytics and ML workloads * Designing architectures for data acquisition * Improving data pipelines performance by implementing the industry's best practices and different techniques for data parallel processing * Preparing data for predictive and prescriptive modelling * Working with data scientists and productionize machine learning algorithms * Working with data analysts to automate and optimize reporting and BI infrastructure * Improving and maintaining data quality * Communicating effectively with stakeholders **Requirements** * Experience in working with large datasets in both batch and real-time * Good understanding of data structures, data architecture techniques and data warehousing * Expertise in Python and SQL * Knowledge and practical experience in one or more back end programming languages (Java, Scala, Kotlin, Groovy, Go, C/C++, Rust, Python, C#, etc.) and the ability to learn new programming languages quickly * Experienced in designing complex DAGs in Airflow or similar technology * Experienced in working with world-class data platforms such as Teradata, Oracle, Hadoop, Spark * Good understanding of Machine Learning concepts and productionizing ML models * Experienced in working with data streaming tools such as Spark Streaming and Kafka * Experience in maintaining and scaling complex ETLs * Experienced in developing scalable data warehouse in accordance with either one of GDPR-EU, CCPA-US, LGPD-BR or PDPA - SG * Experienced with AWS or GCP #### [7. Arc & Codementor - Data Engineer(TW Remote)](https://boards.greenhouse.io/arcdev/jobs/4696501004?gh_src=0062534b4us) **Responsibilities** * 建立並維護高可靠性且高擴充性的資料流程，包含以下 * 資料收集、轉換與彙整 * 資料正確性測試 * CI/CD * 資料品質監控 * 與後端串接 Data/ML API * 協助分析師與 PM 解決資料轉換及工具建置需求 * 管理雲端平台上與 Data 相關的 infrastructure * 建立 ML-OPS 流程，包含以下 * 自動化模型訓練與驗證 * 特徵/模型正確性測試 * CI/CD * 資料/特徵/模型品質監控 **Requirements** * 具備三年以上工程及資料數據相關工作經驗 * 熟練使用 SQL 與 Python * 熟悉 Python 與 SQL * 熟悉 ETL/ELT 流程相關開發工具，我們使用 Airflow, Pyspark, Stitch, DBT * 熟悉 Database 相關知識，我們使用 Postgres, Google BigQuery * 熟悉 Python API 工具，我們使用 FastAPI * 熟悉雲端相關平台，我們使用 AWS, GCP, Heroku * 熟悉容器化相關技術與服務，我們使用 AWS ECS * 商業英文以上的程度 * 具備良好邏輯思考及分析能力 **Nice to have** * 熟悉分散式運算工具，我們使用 DataProc * 有 Delta lake 建置經驗 * 熟悉 MLflow, Kubeflow 與 WanDB 等 MLOPS 相關技術 * 熟悉 Kubernetes #### [8. CinchBlock - Blockchain Data Analyst(TW)](https://www.linkedin.com/jobs/search/?currentJobId=3345812196&f_JT=F&f_TPR=r2592000&f_WT=1%2C2%2C3&geoId=104187078&keywords=AI&location=Taiwan&refresh=true&start=125) **What You'll Do** * Collaborate with teams across the company to assess needs, translate requirements and develop data products * Build, maintain, refactor and optimize data models in both Web2 & Web3 projects with a focus on data governance, data quality, and DRY development practices * Identify, define, design and track metrics that inform the business and guide product development * Design, conduct, analyze and report results from A/B tests for product, engineering and marketing teams * Conduct blockchain project data research to support business initiatives, blockchain projects include but not limited to NFT/ GameFi/ Web3/ Crypto projects * Conduct ad-hoc analysis to surface insights with teams across company * Compile and analyze blockchain project data, processes, and codes to troubleshoot issues **What You'll Need** * Minimum 1 year of experience in data fields (e.g. analytics engineer, data engineer or data analyst, etc) * Bachelor's degree in finance, economics, mathematics, engineering, computer sciences or related disciplines * Strong analytical skills * Experience creating visualizations within a BI platform * Experience in SQL * Experience with data modeling and ELT development principles * Experience with Python or R * Knowledge in social media marketing, community, blockchain application and technology * Good command of written and spoken English, with strong communication skills to work with partners globally **Plus** * Prior experience in blockchain with working knowledge * Experience with a modern data stack * Experience with ML model or AI application * Experience in on-chain data analytics (e.g. Dune analytics, Nansen.ai) * An entrepreneurial spirit and innovative thinker, with a track record for translating strategic thinking into action plans * Ability in understanding important performance drivers against findings * Self-motivated, independent, resourceful and proactive team player with a start-up mentality, capable of working effectively with cross-functional teams * Strong interest in becoming crypto fluent #### 能力符合度分析 這個部分的話，是在linkedin上面找目前有開的AI相關的職缺。就我之前對AI工程師的理解，待遇比較好的應要是負責當中演算法的類似資料科學家的職缺，這類通常會要求要有phd學歷。最近也有看到以前的一些同事是從事MLOPs相關，這部分感覺也會比最一般的專門使用Python AI library來train model的工程師待遇再好一點，因為用library這類的工程師競爭太激烈了，會有各科各系各式各樣的人來競爭。而我認為資工的同學要脫穎而出最簡單的方式應該就是除了AI model訓練跟了解五花八門的network structure之外，就是在CI/CD自動化這塊帶來貢獻了。 另外訓練模型之外，data engineer這類的將資料從resource整理好(並能在大量資料下維持效能)到能夠被模型拿去訓練的工作，應也算是資工同學相對較優勢的一個職缺。 那實際看一下職缺的要求呢，也大概可以把這些requirement列成以下幾點： * ML/DL經驗 * big data處理的framework，如Spark, Kafka, Flink, Hadoop 處理大數據！！ * Scala語言(處裡big data) * Python和他的AI package像是tensorflow, pytorch * Java/Kotlin * C/C++ * Linux * 訓練效能優化，或是結合平行運算(GPU)，或是針對特定scenario的效能優化(DSP) * 影像處理經驗 * 訊號處理 * data mining * 如何在真實使用情境下使用ML/DL * 統計知識 * 各類型資料(即時/批次)的ETL * data visualization(BI)工具 * backend language * DAGs in Airflow * 資料相關核規 * 雲端平台如AWS、GCP、Azure、Oracle * MLOPs * CI/CD * Docker, K8s等容器化建置與管理 * database相關如Postgres, Google BigQuery 從上面條列出的這些技術與工具可以看出，與AI相關的職缺涉略的範圍相當廣，就是從資料出處到丟進模型訓練，還有視覺化以及自動化建置等有非常多處可以選擇來專精，有些也甚至會要求要有對該資料需要有一定的domain knowledge像是：image, video, blockchain, language, voice, signal等等，機會非常多，要求能力也偏雜。 --- ## Mock interview - [Support Escalation Engineer(TW)](https://careers.microsoft.com/us/en/job/1047877/Support-Escalation-Engineer-Security) 2021/06時發生，記錄成模擬面試流程 ### Interview流程 1. Filled in application on Microsoft career 2. Phone interview（Interviewer will ask you question according our learning material and your resume, motivation and self-introduction and so on） 3. English oral Test (about 30mins) 4. Technical interview * Technical Round - Customer support * Technical Round - Azure ATA(Advanced Threat Analytics) * Managerial Round. * Teams Online Video Interview) *3 （1 hour per round, we have 3 rounds technical interview）So it may take your 3 hours. We will call you and then send your confirm Email before the interview. ( the last round maybe is English technical interview. Please prepare it. （ Technical interview is mainly about：troubleshooting sense， customer support sense， technical, Oral English and about your Cv. Of course, motivation(why this job, industry and our company） * The interview loop may last 2-3 weeks. ### 面試過程 此工作的工作內容為Azure平台上有一部分是資安相關的service的技術support，協助客戶排除狀況、建置環境等等的相關問題。 * **(1) Application:** 從Linkedin上收到Microsoft的headhunter聯絡通知有此position可以申請，經確認意願後到Microsoft career上填寫申請資訊後進到面試流程。 * **(2) Phone interview:** 與微軟的HR人員在電話上進行自我介紹，HR與我確認當初寄給他們的履歷上的細節，如履歷上沒記錄到的空白時間是如何安排，及目前工作大致上的工作內容等 * **(3) English oral Test:** 與HR進行英語口說面試，內容同樣也是自我介紹學歷、目前工作內容等，再來也有詢問如果在工作上遇到困難時會如何面對。全程都以英文進行。 * **(4-1) Technical Round - Customer support:** 此關與其中一位工程師面試(英文)，在面試前有收到信會告訴你是甚麼情境，我遇到的是收到一封客戶寄信告訴你他在出差到國外時，outlook開始收不到信，請你幫忙協助排除問題。(此關有註明僅看與客戶的對答的流暢程度，技術相關的正確與否並不會被列入評分標準中)  👶：Hi, this is Microsoft Support. My name is Money, how can I help you? 🧔：Hi, I'm on the business trip in Beijin, and start from this morning, my Outlook can't be refresh and can't get any email. How can I fix this? 👶：OK I see. So may I ask what internet connection are you using? 🧔：I'm using the Wifi from my hotel. 👶：Did you use VPN to connect to the intranet of your company? 🧔：I'm not sure. I just directly connect to the hotel's Wifi and that's it. 👶：OK. It seems that you need to use VPN to connect to the intranet of your company. So the Outlook can receive the emails. 🧔：How can I connect to intranet with VPN? 👶：Do you remember any software that you need to use to connect to the network when you work from home? 🧔：I think there is Cisco Anyconnect. Is that the VPN? 👶：Yes, you can try login with Anyconnect and see if your Outlook can be refreshed. 🧔：After I connect, it still can't refresh. 👶：Can you check the firewall setting for me? If you are using Windows 10, go to the search bar and search "Control panel" for me. 👶：And then click on "System and Security" and then do you see there's "Windows defender firewall"? 🧔：Yes. 👶：Click on it and turn down the your firewall. 🧔：Oh! It works. Thank you so much. 👶：OK good! It seems like the firewall blocks the packet of your email. Glad to help you out. Any other question? 🧔：No, thanks! * **(4-2) Technical Round - ATA(Advanced Threat Analytics):** 此關也有在面試前先寄material給我先閱讀，material是關於Micorsoft提供的資安服務ATA，是個能協助公司進行資產管理的資安服務，原理類似IDS是透過mirror公司的network traffic，針對幾個驗證、認證的protocal去detect有沒有malicious的pattern，並在Azure上或地端管理平台有個視覺化的介面可以呈現這些資訊。不過在此次面試中，並沒有深問ATA，比較多是問對網路防禦的工具的了解程度。  🧔：Hi Money你好，有收到我們之前寄給你的ATA的materials了嗎? 👶：有! 🧔：那你讀完這些materials後，可以就你對ATA的了解，介紹一下ATA是什麼樣的產品給我們聽嗎? 👶：好的，ATA也就是Advanced Threat Analytics是Microsoft提供的一項資安服務，原理是會有一台ATA的center server，把送進到公司內部終端的network traffic封包mirror一份到ATA center去進行分析，它的功能有點像IPS，去分析這些data中有沒有malicious的pattern，一旦偵測出這些惡意特徵的話，管理人員可以透過管理平台去看公司內部有哪些資產存在風險並可針對這些資產去設定policy來達到資產管理的目的。 🧔：你過去有使用過類似IDS服務或軟體的經驗嗎? 👶：有的，過去有用過像是Crowdstrike的IPS去偵測並阻擋公司內部server farm的主機的惡意行為，也有用奧義智慧他們的EDR產品去分析員工endpoint的windows event log及網路行為等。 🧔：那你有在看log嗎，對那些log比較熟悉? 👶：log的部份的話我看比較多的是web server的access log跟windows event log。像access log就有在發生資安事件的時候需要去察看受影響或是看似異常的主機去撰寫shell script去找看看有沒有駭客留下的異常足跡或檔案；也會用一些工具去看windows os的endpoint去下一些filter來去查找像是event id 4625的異常登入失敗行為等等。至於網路封包那一塊的話就只有用過像crowdstrike的IPS服務，但對原始的packet data還不夠熟悉這樣。 🧔：那想請問一下今天如果客戶跟你說他在公司內連不到外面的網站，那你會察看甚麼log並會如何協助他處理呢? 👶：首先我會先確認他的電腦的網路連線是否能ping到外部的ip如8.8.8.8，因為有時候公司內網為了安全考量會使用帳號密碼或是公司CA發的內部憑證去當作認證來管理員工與外部的連線，所以有可能是這方面的驗證未通過導致該客戶網路連線其實是中斷的而連不到外部網站。那如果今天ping的時候發現其實是ping的出去的，那可能就要去看一下公司內的SIEM平台裡的防火牆log有沒有此台終端IP的封包被block的情形，如果有的話會再視此IP是否有需要被block的理由來替客戶從黑名單中剃除，應就能順利連上外部網站了。 🧔：了解，感謝你今天的參與，如有進下一關會再跟你聯絡。 * **(4-3) Managerial Round:** 此關應是與台灣Microsoft的IT或是雲端部門的主管面試，但在前一輪收到感謝信沒有進行到。