Application Penetration Tester (f/m)

  • Full-time
  • Legal Entity: Robert Bosch Sp. z o.o.

Company Description

At Bosch, we shape the future by inventing high-quality technologies and services that spark enthusiasm and enrich people’s lives. Our promise to our associates is rock-solid: we enjoy our work, we inspire each other, we provide equal growth opportunities for all team members, all roles are represented in all countries. We grow together!

Job Description

We are looking for a security engineer who loves solving interesting problems and thinks “secure” is just a matter of perspective. You will perform high-end security evaluations focusing on web applications, APIs, mobile applications, thick client applications and cloud environments.

Tasks:

  • Perform black-box and grey-box penetration tests of applications.
  • Security testing including reverse engineering of Mobile applications (Android and iOS).
  • Create innovative attack tools/automations for project-specific needs.
  • Communicate complex vulnerability results to technical and non-technical audiences.
  • Perform research and contribute to the open-source community on new attack methodologies and vulnerability findings.
  • Scope penetration tests and contribute to penetration test project management.

Qualifications

  • Minimum 5 years of combined experience in penetration testing and security engineering roles.
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent.
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits.
  • Attacker mindset for breaking websites, with practical knowledge of OWASP.
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking.
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables.
  • In-depth experience with common automated VAPT tools such as Nessus and Burp Suite.
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation.
  • Fluent English (both verbal and written).
  • Proficiency in the German language is a plus.
  • Ability to work independently and as part of a cross-functional team.
  • Strong analytical and problem-solving capabilities.
  • Structured and systematic approach to projects.

Additional Information

Bosch’s culture of innovation and digital transformation offers you a fantastic platform to grow your skills and enhance your network. We are dedicated to building a warm, open, transparent, and inclusive work environment for all.

 

Work #LikeABosch:

  • Employment Contract
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees

Grow #LikeABosch:

  • Complex working environment, professional support and the possibility to share knowledge and best practices
  • Ongoing development opportunities in a multinational environment
  • Broad access to professional trainings (incl. language courses), conferences and webinars

Live #LikeABosch:

  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • A number of benefits for families (for instance, summer camps for kids)
  • Non-working day on the 31st of December