Back

Lead Cybersecurity Penetration Tester

Job Description

Siemens founded the new business unit Siemens Advanta (formerly known as Siemens IoT Services) on April 1, 2019 with its headquarter in Munich, Germany. It has been crafted to unlock the digital future of its clients by offering end-to-end support on their outstanding digitalization journey. Siemens Advanta is a strategic advisor and a trusted implementation partner in digital transformation and industrial IoT with a global network of more than 8000 employees in 10 countries and 21 offices. Highly skilled and experienced specialists offer services which range from consulting to craft & prototyping to solution & implementation and operation – everything out of one hand.

Industry 4.0 (or the fourth Industrial Revolution) is the automation of traditional manufacturing and industrial processes with the goals of increasing manufacturing capability, productivity, and efficiency. So how can we achieve these goals?

With digitalization (e.g. using technologies such as Industrial IoT, big data analytics, artificial intelligence, robotics, and autonomous systems), we can speed up the production process and lower manufacturing costs. Meaning companies can get their products to customers quicker than ever before.

This is our mission as Siemens Advanta: enabling our clients to unlock the digital future with our ecosystem.

Cybersecurity plays a critical role in the adoption and success of digitalization.

Help make the digital world a more secure place as a Lead Cybersecurity Penetration Tester in Bengaluru, India.

We don't need superheroes, just super minds

As a Lead Cybersecurity Penetration Tester, you'll technically-lead simultaneous vulnerability assessment and penetration testing (VAPT) activities for multiple R&D applications in the Industrial Automation Control Systems (IACS) domain.

You'll additionally conceptualize next-generation security testing approaches, create strategies on security testing technologies & tools and guide the pentesting team in their implementation, including the implementation of automation tools for VAPT.

What part will you play?

• You'll perform vulnerability assessments & penetration testing (VAPT) on networks, desktop, Edge, cloud and mobile applications

• You'll identify threats, and develop test cases to target identified threats

• You'll identify and exploit vulnerabilities in products under test

• You'll prepare reports by documenting identified issues based on internal templates

• You'll support and consult the project development teams to implement the required product & solution security (software and hardware)

• You'll manage project timelines, deadlines and expectations - including client interactions

• You'll drive research on emerging security topics, new attack vectors and keep up-to date

• You'll support & technically guide the penetration testing team on best-practices, tools and trends

• You'll advise security leadership on various aspects related to security testing and technically drive security testing improvement initiatives

Use your skills to move the world forward

Education

B.Tech / M.Tech in CS / IT / EE / EC / EI

Cybersecurity Certifications

CE|H - Mandatory

OSCP / OSWE - Mandatory

GSCP - Preferred

ISO 27001 LA - Preferred

Experience

At-least 7 years hands-on professional experience in product security testing domain

Competences

• Computer Networking Concepts – Deep understanding of TCP/IP, common networking ports and protocols, OSI model - Expert

• Security Testing – Expert

• Methods - Vulnerability scanning & assessments, Penetration testing, Fuzz testing, API testing, Hardware security testing

• Functions - Drive threat modeling, test scenario design & execution, team-guidance & work-product expert-review, industry-standard issue-reporting, collaboration with development teams to resolve issues and support fulfilment of security obligations etc.

• Technologies - Pentesting of various applications - Firmware, Rich Client-Server, Web, Mobile (Android & iOS), Containers, Edge, Cloud (AWS / Azure), etc.

• Tools - Experience in security assessment tools (e.g. NESSUS, NMap, BurpSuite, ZAP, OWASP tools, Kali Linux tools, Fuzzing tools)

• Automation - Experience in Automating Security tests using scripting languages (e.g. Python, Perl, Ruby)

• Standards - Experience working with NIST, OWASP, MITRE CWE, MITRE ATT&CK, ISO 27001, IEC 62443 etc.

• SW Development / Testing – Ability to code in C/C++/C# in Windows (using Visual Studio) / Linux (using gcc) - Advanced

• Written & Verbal Communication Skills – Expert

• Presentation Skills – Expert

• Domain (Industrial Automation) – Preferable

We've got a lot to offer. How about you?

• Competitive compensation

• An opportunity to shape the future of digitalization

• World-class researchers and engineers as team members

• We are an equal opportunity employer and welcome diversity

Make your mark in our exciting world at Siemens

This role is based in Bengaluru. You’ll also get to visit other locations in India and beyond, so you’ll need to go where this journey takes you. In return, you’ll get the chance to work with teams impacting entire cities, countries – and the shape of things to come.

We’re Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we encourage applications that reflect the diversity of the communities we work in.

At Siemens we are always challenging ourselves to build a better future. We need the most innovative and diverse Digital Minds to develop tomorrow ‘s reality.

Find out more about the Digital world of Siemens here: www.siemens.com/careers/digitalminds


Organization: Advanta

Company: Siemens Technology and Services Private Limited

Experience Level: Experienced Professional

Job Type: Full-time

Can't find what you are looking for?

Let's stay connected

Can't find what you are looking for?