Senior Key Expert for Critical Infrastructure Testing [MULTIPLE POSITIONS]

Employer: Siemens Corporation

Job Title: Senior Key Expert for Critical Infrastructure Testing [MULTIPLE POSITIONS]

Job Location: Princeton, NJ 

Job Type: Full Time

Rate of Pay: The salary range for this position in Princeton, NJ is $161,100 - $217,900 per year and this role is eligible to earn incentive compensation. Siemens offers a variety of health and wellness benefits to employees. Details regarding our benefits can be found here: www.benefitsquickstart.com. In addition, this position is eligible for time off in accordance with Company policies, including paid sick leave, paid parental leave, PTO (for non-exempt employees) or non-accrued flexible vacation (for exempt employees). 

Duties: Drives the definition and continuous improvement of the research agenda and roadmap of the respective research roadmap path globally. Aligns research and technology development activities for this topic globally, and executes, in a leading or guiding role, complex and challenging research projects with anticipated significant impact on the company. Identifies trends in his technical area internally and externally, and makes them available for others and drives their development. Devises new service offerings. Creates innovative solutions, actively creates patents, and contributes to standards in his specific technical area. Subject matter expert in the area of cybersecurity testing for critical infrastructure within Siemens Corporation at a level that is internally and externally recognized. Executes security testing projects focused on critical infrastructure assets and environments for both company-internal customers, as well as external customers. Acquire projects in the area of industrial security testing / industrial penetration testing by anticipating customer need, identifying potential customers (within Siemens), assessing their need, scoping and pricing project work, and create a project proposal. Execute industrial and IT penetration tests by assessing worst case scenarios and goals of assessments, defining a test plan, selecting suitable tools and approaches, align with industry best practice approaches such as OWASP Top 10 or the MITRE ICS ATT&CK framework, find vulnerabilities in applications and equipment using the defined approach, document findings, present findings, and recommend mitigating actions.

Requirements: Employer will accept a Master’s degree, or foreign equivalent, in Computer Science, Information Security, Cyber Security, Mathematics, or related field and 36 months of experience in the job offered or in an Information Security Analyst related occupation. The position also requires 36 months of experience in the following: Penetration testing in Operations Technology (OT) or Industrial Control System (ICS) targets; Technical experience with current attack methods, such as comprehensive MITRE ATT&CK for ICS; Penetration testing methods, and hacking tools including nmap, Nessus, Burp Suite, and Metasploit; Planning design-to-risk and design-to-cost security testing projects for products, solutions, and networks; Working with secure configuration of OT, IoT, and network devices; Working with scripting languages such as Python, PowerShell, LUA, or Bash. Telecommuting and/or working from home may be permissible pursuant to company policies. 20% International and Domestic travel required for the position.

[Hybrid role]

Referral Program: Incentives offered through the Company’s Employee Referral Program are applicable to this position.

CONTACT : Click on Apply button in this posting