Junior Penetration Tester - Munich, Deutschland - Siemens Energy

Siemens Energy
Siemens Energy
Geprüftes Unternehmen
Munich, Deutschland

vor 2 Wochen

Lena Wagner

Geschrieben von:

Lena Wagner

beBee Recruiter
Beschreibung
Early Professional


A Snapshot of Your Day


In your new role, you assess products, solutions, and services with tool-based and manual approaches as well as perform red team assessments in both, IT and OT environments.


How You'll Make an Impact

  • Supporting in performing hardware hacking on embedded devices including firmware extraction, connecting to internal bus systems, etc.
  • Developing test setups for OT attack scenarios that can be used for internal tool evaluations and awareness activities
  • Creating hacking demonstrations based on predefined attack scenarios to raise security awareness for internal stakeholders and external customers
  • Finding new vulnerabilities that trigger business worst case scenarios, rate their risk level according to CVSS, and prove their relevance with exploit scripts (including SCADA, PLCs)
  • Checking compliance of security settings with international standards (patch status, secure configuration)
  • Explaining vulnerabilities and their impact to technical experts as well as to management and perform rootcause analysis and lessons learned with developers and architects

What You Bring

  • A minimum of master ́s degree in information technology, Computer Science, Engineering or related field
  • First experience within current attack methods, manual penetration testing methods, and hacking tools (Nessus, Nmap, Metasploit, Kali Linux, IDA PRO, Burp Suite Pro) as a starting point for intensive manual security tests and selfdeveloped testing tools
  • Experience in analyzing rich clients (Java,.NET, binary) and their techniques, such as debugging, API hooking, and exploit generations as well as in hardware hacking (JTAG, internal bus systems) is a plus
  • Proficiency in programming languages such as C/C++, Java,.NET, Python, and manual source code spot checks as well as domain knowhow in Energy Technologies (PLC/SCADA) is a plus
  • German language skills a plus
  • Certifications like OSCP, CEH, CISSP, CISA, CISM preferred but not required

About the Team


Whether we are talking about hacking complex IT environments, taking apart embedded devices to find vulnerabilities, or compromising industrial solutions; the technical assurance team has everything covered when it comes to testing the security of Siemens Energy and its products.


Who is Siemens Energy?
At Siemens Energy, we are more than just an energy technology company. We meet the growing energy demand across 90+ countries while ensuring our climate is protected.

With more than 92,000 dedicated employees, we not only generate electricity for over 16% of the global community, but we're also using our technology to help protect people and the environment.


Our global team is committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible.

We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation.


Our Commitment to Diversity
Lucky for us, we are not all the same. Through diversity we generate power. We run on inclusion and our combined creative energy is fueled by over 130 nationalities. Siemens Energy celebrates character - no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences.


Rewards/Benefits

  • Working in an international team with all internal divisions and functions getting an excellent overview about the complete company
  • Taking functional responsibility for a team within the assessment and support projects
LI-JL1
Mehr Jobs von Siemens Energy
Alle Jobs von Siemens Energy anzeigen