Experienced Associate / Pentester (Red Team) (m/f/d) - Cybersecurity Audit

Experienced Associate / Pentester (Red Team) (m/f/d) - Cybersecurity Audit

Join to apply for the Experienced Associate / Pentester (Red Team) (m/f/d) - Cybersecurity Audit role at Siemens

Overview

Controlling and Finance Assurance (CF A) helps Siemens to achieve their goals by providing objective, factual and independent assurance to the Siemens Managing Board and Audit Committee. As a business partner to Siemens executive management, we leverage our expertise in a wide range of topics to create an impact that drives change with improved financial results. We offer a vibrant, international, and inclusive environment which ensures a variety of perspectives and enables big picture thinking. CF A is a unique talent incubator inside Siemens. We offer continuous career coaching and mentoring throughout the program, all whilst working with top Siemens business leaders on multiple high‑profile projects around the world.

Responsibilities

• As valuable member of the assurance team you will be responsible for conducting Cybersecurity assessments across the entire Siemens landscape, including products, services, IT‑systems, factories, and software development centers. During this process you will perform ethical hacking activities, design attack scenarios for state‑of‑the‑art technologies and highlight important observations to translate technical findings into management information so that they can take effective actions.
• Apply hacking principles and red team methodologies, tools and techniques to mimic real‑world threat behaviors faced by the Siemens digital environment, e.g. cloud applications, on‑premise infrastructure, digital products and services.
• You work closely with cybersecurity experts from multiple industries to improve their solutions by tackling the root cause of the issues and find innovative solutions to modern challenges.
• You independently conduct research on latest developments in cybersecurity technologies and threats and understand how this is impacting and changing the Siemens environment.

Qualifications

• Strong academic history (Master degree) in IT, Computer Science or other related fields; certifications such as GIAC GPEN, OSCP, OSWE, CRTP, eJPT, CREST, etc. are a plus.
• Good scripting and programming skills and experience with languages such as Bash, Python, PowerShell, and C++ / C#.
• At least 5+ years of professional experience within Siemens or a related industry in penetration testing with a proven record of continuous career development.
• Demonstrated affinity to learn about the latest trends in cybersecurity and keep up to date in a continuously challenging environment.
• You have experience with one or more of the following aspects of penetration testing / red teaming: application and software security, EDR and antivirus evasion, C2 setup, automation and scaling of security testing, Active Directory attacks, etc.
• Demonstrated experience in capture the flag (CTFs) events, bug hunting or vulnerability research (CVEs) is a plus.
• You demonstrate an international mindset and are open to travelling and working in a diverse team.
• You have a great attitude, curiosity, and willingness to learn.

Benefits

• 2 to 3 days of mobile working per week as a future global standard.
• An environment where everyone can bring their whole self to work and feel a sense of belonging.
• 30 leave days and a variety of flexible working models that allow time off for yourself and your family.
• Share‑matching programs to become a shareholder of Siemens AG.
• Pension plan to ensure financial security.
• 50+ learning hours per year for both personal and professional growth.

Equal Opportunity

As an equal‑opportunity employer we are happy to consider applications from individuals with disabilities.

#J-18808-Ljbffr