Senior Offensive Security Engineer (mf)

As a Senior Offensive Security Engineer you will be a key member of our corporate central monitoring and overseeing team. Your role is to provide expert oversight and ensure the quality and effectiveness of our offensive security activities. You will act as a subject matter expert guiding the organization in proactively identifying and mitigating complex security threats. 

Your key responsibilities will include: 

• Quality Assurance:Critically assess multiple penetration test reports from various internal and external teams to ensure the quality accuracy and completeness of the findings. 

• Vendor and Team Assessment:Evaluate the efficacy of penetration testing teams and vendors to build a panel of trusted high-quality security partners. 

• Verification Testing:Be prepared to conduct independent hands-on penetration tests to validate the quality of assessments performed by other teams. 

• Strategic Guidance:Support the development and implementation of the corporate cybersecurity resilience roadmap by providing an adversarial perspective. 

• Stakeholder Communication:Serve as a key liaison between the central cybersecurity team and business stakeholders clearly articulating risks and recommendations to peers and senior management. 

• Knowledge Sharing:Interface with development and infrastructure teams to strengthen secure development and operational practices throughout the organization. 

Qualifications :

• Industry Experience:4-8 years of professional industry experience with at least 5 years dedicated to cybersecurity roles. 

• Core Skills:Extensive hands-on experience and deep technical knowledge in penetration testing is a primary requirement. 

• Broad Knowledge Base:You should have a wide-ranging security knowledge base primarily focused on enterprise IT. Preferably you also have some knowledge of product security and Operational Technology (OT) security. 

• Communication & Presentation:You must have excellent written and verbal communication skills in English with a proven ability to create high-quality reports and present complex technical findings to both technical and senior management audiences. 

• Analytical Mindset:You possess strong analytical skills to assess reports identify patterns and evaluate the effectiveness of security assessments. 

• Learning Mindset:You have a passion for continuous learning and are driven to stay current with the ever-evolving landscape of security threats vulnerabilities and mitigation techniques. 

Additional or Preferred Qualifications 

• Relevant industry certifications such as OSCP GPEN GWAPT GXPN or CISSP are highly desirable. 

• Experience in Red Teaming threat modeling or vulnerability research. 

• Familiarity with major cloud platforms (AWS Azure GCP) and their security services. 

• Knowledge of cybersecurity frameworks like the MITRE ATT&CK framework. 

• Experience working within a large global corporate environment. 

Additional Information :

Boschs culture of innovation and digital transformation offers you a fantastic platform to grow your skills and enhance your network. We are dedicated to building a warm open transparent and inclusive work environment for all.

Work #LikeABosch:

• Employment Contract
• Competitive salary annual bonus
• Hybrid work with flexible working hours
• Referral Bonus Program
• Copyright costs for IT employees

Grow #LikeABosch:

• Complex environment of working professional support and possibility to share knowledge and best practices
• Ongoing development opportunities in a multinational environment
• Broad access to professional trainings (incl. language courses) conferences and webinars

Live #LikeABosch:

• Private medical care and life insurance
• Cafeteria System with multiple benefits (incl. MultiSport shopping vouchers cinema tickets etc.)
• Prepaid Lunch Card 
• Number of benefits for families (for instance summer camps for kids)
• Non-working day on the 31st of December

Remote Work :

No

Employment Type :

Full-time