PENETRATION TESTER

Siemens Mobility is a separately managed company of Siemens.
As a leader in transport solutions for more than 160 years, Siemens Mobility is constantly innovating its portfolio in its core areas of rolling stock, rail automation and electrification, turnkey systems, intelligent traffic systems as well as related services.
With digitalization, Siemens Mobility is enabling mobility operators worldwide to make infrastructure intelligent, increase value sustainably over the entire lifecycle, enhance passenger experience and guarantee availability.  In the digital age, Cybersecurity is a basic prerequisite if companies are going to be able to protect their critical infrastructures and sensitive data and ensure uninterrupted business operations.
Thus, Cybersecurity is a top priority at Siemens Mobility.
Our products, systems, and services adequately protect our customers’ data and equipment according to the current state-of-the-art.  Our vision is that for our society, customers and Siemens, we are the trusted partner in the digital world by providing industry leading Cyber security.
We are looking for a motivated and dedicated Penetration tester / Ethical Hacker to join our team of cyber security experts in the Mobility sector.
This is a unique opportunity for a technical, hands-on person to grow with the business and play a pivotal role in the growth and leadership of the team.
Professional skills.
3+ years of experience in an offensive security specialty.
Ability to clearly communicate, present and report technical topics.
Good analytical and problem-solving skills.
Windows, Linux and MacOS knowledge.
English – B2 at least Passion for learning.
Team player with ability to work independently.
Advanced interpersonal, verbal and written communications skills.
Ability to multitask, manage time effectively and prioritize tasks.
Self-motivated and creative.
An expert level of knowledge is required in the following areas.
Port scanners, vulnerability scanners, exploitation frameworks (Nmap, Nessus...).
Manual exploitation of public vulnerabilities.
Networking and network protocols.
Enumeration techniques.
Web application manual and automatic testing (Burp Suite...).
Active Directory.
Windows and Linux access controls and administration.
A good understanding of the following concepts.
Threat modelling and risk assessment.
Penetration testing processes, procedures, and reporting requirements.
Post exploitation techniques.
Nice to have.
Certifications such as OSCP, OSCE, CRTP, CRTE, CRTO, etc.
Programming skills (Python, C#, C/C++, Go, etc.).
Cloud (Azure and AWS).
If we all thought the same, we would never think of anything new! That’s why we recruit great minds from all walks of life.
We recognise that building a diverse workforce is essential to the success of our business, therefore we encourage applications from a diverse talent pool.
We welcome the opportunity to discuss flexibility requirements with our applicants to encourage agile working and innovation.
Flexibility is our main benefit.
We combine remote and presence work because work-life balance and wellbeing are essential for our teams.
We are convinced that stay at home allow us to focus on activities that need more time for concentration and being at the office enhance our creativity collaborating and learning from others.  Siemens aboga por la igualdad de oportunidades entre mujeres y hombres, así como en la Diversidad como fuente de creatividad e innovación.
Contar con diferentes tipos de talento y de experiencias nos hace ser más competitivos y estar mejor preparados para responder con éxito a las demandas de la Sociedad.
Por ello, valoramos a las candidatas y a los candidatos que reflejen la Diversidad que disfrutamos en nuestra Compañía y animamos la cobertura de puestos por mujeres y hombres en ocupaciones que se encuentren subrepresentadas.
#LI-ES1