Our team is part of Siemens Technology (T) and is composed of makers, innovators, engineers, and researchers that unite a passion about cybersecurity and securing our customers’ assets and networks - in domains such as control systems used in energy utilities that are part of the nation’s critical infrastructure, smart factories, building automation systems, intelligent transportation systems, healthcare, and innovative new products and solutions developed by Siemens. Our close contact to all our business units in Siemens provides the opportunity to contribute to and gain experience in real industrial applications.

The Challenge

In this role you will:

• Conduct Cybersecurity Assessments and Penetration Tests (hands-on technical work) as an individual, self-managed tester, or in small project teams. Assignments will mostly be in-house, but also include pentests at Siemens customers and partners.
• Search for security vulnerabilities and zero days in Siemens products and other industrial assets and environments. Your focus will be on Operation Technology (OT), but will also include traditional IT assets (web applications, fat clients, ERP systems, installations of COTS products).
• Work with application/product owners within Siemens to determine their need for security assessments, present and explain the employed methodology, and support them with feedback and verification during mitigation.
• Proactively look for ways to improve and research new and improved approaches for penetration testing and vulnerability scanning in industrial environments, and work with internal and external researchers and specialists to drive research results, and publish results where possible. You will participate in larger research initiatives, such as government funded research projects.
• Take responsibility to represent a key area of OT Penetration Testing research within the company, as well as outside, in the role of a key subject matter expert.
  
  

The Candidate

Qualified candidates will have:

• 2+ years of hands-on penetration testing or relevant cybersecurity experience required
• High School degree required, B.Sc./M.Sc. in Computer Science, Information Security, Mathematics, or another relevant field preferred
• Technical and hands-on knowledge, experience in current attack methods, penetration testing methods, and hacking tools required.
• Ability to understand, find, verify, and explain security vulnerabilities. Review and ensure the secure configuration of OS and network devices
• GPEN, GWAPT, GXPN, OSCP, OSCE, CCNP, and CCSP are a plus but not required.
• Winning a CTF, being awarded a CVE, or any other track record of success in the security community is a significant plus
• Proficiency in a scripting language like Python, PowerShell, LUA, or Bash.
• High work ethics and sense of ownership for the delivered results
• Good communication skills in English; German, or other languages, a plus
• Willingness to travel, up to 20% (domestic/international)
  
  

About Us

Our research team is located in beautiful Princeton, NJ, a university town packed with exceptional international talent that provides a unique feel of this true cultural gem in the state. The town has plenty of activities to offer, but for those looking for more, at just about 1h drive we have NYC or Philadelphia. We have the best public schools in the country and all of the above glued together by a very active and welcoming community.

As Siemens’ central Research & Development department, we embrace this community. Our core mission is to support our Siemens business units as a central knowledge hub for all cybersecurity capabilities globally. We research and develop new and innovative solutions, based on much-needed deep technical expertise, and our network with internal and external experts and academia. This allows us to invent new solutions and approaches, and verify their feasibility in the “real world” together with the product development teams of our business units – creating a stimulating setup for quick innovation cycles and rapid prototyping.

We also offer a generous remote working environment as well as robust health and wellness benefits to promote healthy living and support the best lifestyle for you and your family.

Join Us

We are more than employees; we are actively helping to make people’s lives a little better every day. Would you like to be a part of that? Then join us. We offer you a high level of practical relevance as well as an opportunity to individually contribute your knowledge and your visions around the world. Whether you’re helping to develop products for the operating units or working in interdisciplinary projects for the business areas: At Corporate Technology you’ll be working in the heart of Siemens’ technological research together with the best.

Successful candidate must be able to work with controlled technology in accordance with US Export Control Law. US Export Control laws and applicable regulations govern the distribution of strategically important technology, services and information to foreign nationals and foreign countries. Siemens may require candidates under consideration for employment opportunities to submit information regarding citizenship status to allow the organization to comply with specific US Export Control laws and regulations. Additional information on the US Export Control laws & regulations can be found on http://www.bis.doc.gov/index.php/policy-guidance/deemed-exports/deemed-exports-faqs?view=category&id=33#

#LI-DM4