Software Developer for Security Framework
Therefore, cyber security has evolved into one of the core technologies at Siemens which helps shape the new age of smart manufacturing, dynamic supply chains, as well as tailored products and services.
Siemens Corporate Technology is focused on state-of-the-art, and beyond, technological challenges which help Siemens provide better, more efficient and secure products to its customers. Siemens Corporate Technology provides security building blocks and blueprint architectures for all Siemens business units in order to facilitate faster and better product development. We test and assess products & solutions, analyze and review code, develop security measures, and optimize their implementation. And finally, we analyze threat landscapes, manage vulnerabilities, and provide solutions for incident response.
We are looking for experienced security professionals to drive operational excellence, continuous development and improvement of Siemens’s security solutions.
What are my responsibilities?
• To develop new features to further extend a penetration testing framework at Siemens, e.g., by
o Develop (new and extend) a fuzzing framework
o Develop concolic testing techniques
o Extend reporting tools for security assessments
• Work on software development tasks covering both,
o Creation of optimal solutions to refine a security testing framework – focus on performance and accuracy
o Create solutions that are designed in a way to be modular and easy to maintain – focus on code quality
• Work in a DevSecOps environment – software developers are expected to also work in operations to experience the tool chain, tasks, and challenged to better understand relevance of solutions and approaches to security testing
What do I need to qualify for this job?
• Fluency in spoken and written English, including security terminology; proficiency in German a plus
• Proficiency and proven expertise in C/C++, Python (django, nose, unittest)
• Know-how of binary reversing a plus
• Basic understanding of fuzzing, concolic testing and dynamic analysis of binaries a plus
• Stolid knowledge in Version Control Systems (preferably Git)
• Basic Linux knowledge
• Prior training in Secure Coding a plus
• Ability to present and explain complex technical topics to both technical and non-technical staff
• Ability to work in a self-guided and result-oriented fashion with the clear desire to become an acknowledged technical expert in your own area of expertise
Job ID: 79977
Organization: Corporate Technology
Experience Level: Experienced Professional
Job Type: Full-time