Penetration Tester

Siemens   •  

Princeton, NJ

5 - 7 years

Posted 240 days ago

This job is no longer available.

Job Description:

Join our cyber security research and consulting group located in Princeton, NJ, and deliver expert penetration tests for our internal customers. You will work in diverse application areas such as smart factories, smart grids, intelligent transportation systems, and robotics as well as traditional IT. Our close contact to different business units in Siemens provides the opportunity to contribute to and gain experience in real industrial applications. zAzMTQ1NDAzNTMzNmUzMDczNGIzMTY0NDQzMTMzNzM=   Siemens Background   For nearly 170 years, pioneering technologies and the business models developed from them have been the foundation of Siemens‘ success. Our central research and development unit, Corporate Technology (CT) plays an important role in this. Together with our global network of experts, we are a strategic partner to Siemens’ operative units and provide important services along the entire value chain – from research and development to production and quality assurance, as well as optimized business processes. Our support provided to the businesses in their research and development activities is ideally balanced with our own future-oriented research.

We at Corporate Technology are more than employees: We are actively helping to make people’s lives a little better every day. Would you like to be a part of that? Then join us. We offer you a high level of practical relevance as well as an opportunity to individually contribute your knowledge and your visions around the world. Whether you’re helping to develop products for the operating units or working in interdisciplinary projects for the business areas: At Corporate Technology you’ll be working in the heart of Siemens’ technological research together with the best.   One of our focus areas in this cyber team is to provide security assessments (penetration tests) for Siemens-owned IT-Systems as well as for Siemens products. As part of this team, you will search for security vulnerabilities in products as diverse as control systems used in energy utilities that are part of the nation’s critical infrastructure, building automation systems, manufacturing plant automation and control systems, and innovative new products and solutions developed by Siemens.   What will be my responsibilities?

  • Your job will be to conduct Cyber Security Assessments and Penetration Tests (hands-on work) as an individual, self-managed tester, or in small project teams.
  • You task will be to search for security vulnerabilities in both traditional IT assets (web applications, fat clients, ERP systems, installations of COTS products), as well as Siemens products. Initial responsibilities will focus on web application security, but will be expanded to cover more non-standard IT, industrial devices, and Siemens products based on individual capabilities.
  • Be able to document your findings for management and technical staff and recommend mitigating actions.
  • You will get to work with customers to determine their need for security assessments, present and explain the employed methodology, and support them with feedback and verification during mitigation.               

  What do I need to qualify for this position?

  • 5-7+ years of hands-on penetration testing required.
  • Excellent up-to-date technical and hands-on knowledge, experience in current attack methods, penetration testing methods, and hacking tools; especially for web applications, required. 
  • Ability to understand, find, verify, and explain security vulnerabilities. Review and ensure the secure configuration of OS and network devices
  • GPEN, GWAPT, GXPN, OSCP, OSCE, CCNP, and CCSP are a plus but not required.
  • Proficiency in a scriptinglanguage like Python, PowerShell, LUA, or Bash.
  • Problem solver who sees a roadblock and figures out how to get around it with a strong hands-on and can-do attitude.
  • No degreerequired. MS in Computer Science, Information Security, Mathematics preferred
  • Willingness to travel, up to 20% (domestic/international)
  • Successful candidate must be able to work with controlled technology in accordance with US Export Control Law. US Export Control laws and applicable regulations govern the distribution of strategically important technology, services and information to foreign nationals and foreign countries.

Requisition Number: 219116