Cyber Security Expert (SCADA Penetration Testing)

Siemens

What do I need to qualify for this job?
* BSc., MSc. or PhD in Computer Science or in related areas
* Very good command of English
* Minimum 5 years of experience in software applications and solutions for diverse industries
* Minimum 2 years of experience in conducting and/or designing penetration tests for SCADA systems 
* Proven skills and experience in current attack methods, manual penetration testing methods, and hacking tools ( Nmap, Metasploit, Kali Linux, Burp Suite Pro etc.) is a must.
* Hands-on and proven experience in conducting penetration tests for SCADA systems is a must
* Experience with Linux / Unix command line and scripting languages ( pyhton, bash, ruby, PowerShell, ksh, csh, tcl, etc. ) is a must.  
* Solid knowledge of SCADA , web and IoT protocols ( HTTP, HTTPS, SOAP, REST, Modbus, Profibus, Profinet, IEC104, IEC 61850, OPC UA, MQTT, AMQP etc.) is a must.
* Experience with programming languages ( C/C++, C# or Java ) is prefered.
* CEH, OSCP, LPT, CPTE or related certifications are prefered and a plus.  
* Good understanging of web and database technologies ( HTML, JavaScript, XML, JSON, SQL, noSQL, MongoDB etc. ) is prefered.
* Experience in automation technology, sensor technology, embedded software and telemetry solutions is a plus.
* Passionate and resillient for conducting robust tests
* Strong problem solving and analytical skills

İŞ TANIMI

JOB TITLE:
Cyber Security Expert (SCADA Penetration Testing) - Experienced

Job ID: 283605
City: Istanbul
Location: IST KAR
Organisation: Corporate Technology
Department: CT RDA DS EU TR DA
Mode of Employment: Permanent
 
Siemens Corporate Technology (CT) is the central R&D department within the Siemens Group. Siemens CT's main mission is to secure the future technology base for Siemens and to develop breakthrough products of the Siemens Group. Siemens CT in Turkey is mainly focused on Software Development in the areas of Industrial Automation and Energy Automation products and solutions. We are looking for experienced Cyber Security experts, who are willing to shape the future with us.

What are my responsibilities?
* Conduct tool-based and manual penetration testing on SCADA systems for network-, device-, web- and system penetration scenarios
* Assess SCADA system architectures for compliance and conformity to existing security measure plans
* Identify, exploit and evaluate vulnerabilities in SCADA systems under test.
* Perform research to identify and understand new threats, vulnerabilities and exploits,
* Investigate the conformity and consistency of OS and firmware versions in SCADA components, to identify the weaknesses in the configuration of OSs, network devices, and mobile platforms
* Perform root-cause analysis on identified vulnerabilities
* Perform lessons-learned sessions with system architects, developers and stakeholders to improve security robutsness in established SCADA systems
* Write penetration test reports, produce and deliver vulnerability information to customers and partners in the form of briefings and reports.  
* Produce high quality reports and deliverables for our customers
* Conform to Siemens processes, quality standards and guidelines

What else do I need to know?
* Military service should be completed for male candidates
* No restrictions for travelling

As Siemens we believe physical barriers are not related to potential. Only the potential matters to us. Therefore, we look forward to receive applications of candidates with physical barriers and chronic illnesses. We support healthy relationships between candidates with barriers and their colleagues because we believe we can create differences together.

Siemens is dedicated to quality, equality, and valuating diversity and we welcome applications that reflect the diversity of the communities within which we work.