Cloud Security Tester

Siemens

What do I need to qualify for this job?
* BSc., MSc. or Ph.D in Computer Science / Engineering or a related area.
* Proven 2+ years of experience in software testing.
* Hands-on experience in at least one field such as CERT Cybersecurity, API / Web / Network / Device security and Penetration testing
* Knowledge in software life cycle and agile methodologies is a mustISTQB Foundation Level certificate is a plus.
* In depth knowledge of the main security issues in Software systems
* Proven skills in Java is a plus.
* To prioritize tasks and to manage workloads in an effective manner with minimal direct supervision and flexibility/self-organization in managing multiple and diverse tasks
* Knowledge in Gradle and Jenkins is a plus
* Willing to and able to take on complex projects independently
* Open minded and highly collaborative
* Creative and persistent
* Strong problem solving and analytical skills
* Excellent interpersonal communication skills
* Very good command of English

İŞ TANIMI

DESCRIPTION/RESPONSIBILITIES:
Siemens Corporate Technology (CT) is the central R&D department within the Siemens Group. Siemens CT's main mission is to secure the future technology base for Siemens and to develop breakthrough products of the Siemens Group. Siemens CT in Turkey is mainly focused on Software Development in the areas of Industrial Automation and Energy Automation products and solutions. We are looking for Software Engineers, who are willing to shape the future with us.

What are my responsibilities?
* Write a security test plan, perform and evaluate security tests from a variety of perspectives: policy-based, risk-based, standards-based, requirements-based and vulnerability-based.
* Align security test activities within project lifecycle activities.
* Analyze the effective use of risk assessment techniques in a given situation to identify current and future security threats and assess their severity levels.
* Analyze a given situation to determine which security testing approaches are most likely to succeed, implement them and evaluate the effectiveness.
* Identify improvement areas and security gaps where additional or enhanced security testing may be needed.
* Help the organization build information security awareness e.g. by providing trainings.
* Demonstrate the attacker mentality by discovering key information about a target, performing actions in a protected environment that a malicious person would perform and understand how evidence of the attack could be deleted.
* Write security test status report to ensure the level of accuracy, understandability and to meet the stakeholder requirements.
* Analyze candidate security testing tools and use most suitable ones based on specified needs.
* Search for the security testing standards and make use of them.

What else do I need to know?
* Military service should be completed for male candidates
* No restriction for travelling

As Siemens we believe physical barriers are not related to potential. Only the potential matters to us. Therefore, we look forward to receive applications of candidates with physical barriers and chronic illnesses. We support healthy relationships between candidates with barriers and their colleagues because we believe we can create differences together.

Siemens is dedicated to quality, equality, and valuating diversity and we welcome applications that reflect the diversity of the communities within which we work.