A Snapshot of Your Day
In this role, you will conduct advanced penetration testing and red team assessments across IT, OT, and factory environments to identify critical security risks. You will evaluate products and customer solutions, support compliance with international security standards, and translate technical findings into clear, actionable insights for both engineers and management—driving sustainable security improvements in an international setting.
How You’ll Make an Impact
- Assess IT, OT & factory infrastructures as well as products, solutions, and services with tool-based and manual penetration test & red team methods (products, solutions, services, IoT & embedded devices, web technologies, rich clients, SAP, networks & network devices, security devices & technologies, protocols, source code spot checks, binary reversing, fuzzing, & DDoS attacks).
- Find new vulnerabilities that trigger business worst-case scenarios, rate their risk level according to CVSS, and prove their relevance with exploit scripts (including SCADA, PLCs).
- Additionally, check compliance of security settings with international standards and policies like CRA or IEC 62443 (patch status, secure configuration).
- Explain vulnerabilities and their impact to technical experts as well as to management and perform root-cause analysis and lessons learned with developers and architects.
- Coach architects, developers, system integrators, administrators and service personnel early during product and solution development as well as procurement to improve security sustainably. Moreover, you coach working students.
- Perform penetration tests on customer networks and solutions.
What You Bring
- A minimum of a bachelor’s degree in Information Technology, Computer Science, Engineering or a related field. A specialization in cybersecurity is a plus.
- More than three years of experience in hands-on penetration testing or red team engagements.
- Experience with current attack methods, manual penetration testing methods, and hacking tools (Nessus, Nmap, Metasploit, Kali Linux, IDA Pro, Burp Suite Pro) as a starting point for intensive manual security tests and self-developed testing tools.
- The ability to present and explain complex technical topics to both management personnel and technical experts.
- Experience in analyzing rich clients (Java, .NET, binary) and their techniques, such as debugging, API hooking, and exploit generation, as well as in hardware hacking (JTAG, internal bus systems) is a plus.
- Proficiency in programming languages such as C/C++, Java, .NET, Python, and manual source code spot checks as well as domain know-how in Energy Technologies (PLC/SCADA) is a plus.
- As you act in an international environment, you bring fluent English language skills (including security terminology) both verbal and written; proficiency in German is a plus.
- German language skills a plus.
- Certifications like OSCP, CEH, CISSP, CISA, CISM preferred but not required.
- Background knowledge in organizational information security (ISO/IEC 27001 / IEC 62443).
About the Team