We’re looking for forward-thinking, ambitious game-changers like you to be part of our cybersecurity team for critical infrastructure such as Energy domain. Siemens needs a qualified penetration tester to join our IT/OT team As our penetration tester, you will be responsible for conducting regular audits and inspections in order to make sure our network and computer systems are secure. Specific duties Work with clients to determine their technical security requirements as a basis for pen test design concept. Plan and create penetration test specifications, methods, and scripts based on PTES and OSSTMM Carry out remote testing of a client's network or onsite testing of their infrastructure to expose weaknesses in security Simulate security breaches to test a system's relative security Create reports and recommendations from your findings, including the security issues uncovered and level of risk based on metrics such as CVSS scores. Advise on methods to fix or lower security risks to systems Present your findings, risks and conclusions to management and other relevant parties Consider the impact your 'attack' will have on the business and its users Understand how the flaws that you identify could affect a business, or business function, if they're not fixed. You should have Education qualification - MCA / B. Tech /B.E. Computer Science or other IT related degree Has at least 5 years of experience in pen testing Extensive experience in various pen test tools such as Kali, Parrot, Burp, Metasploit, Nessus. Proficiency in creating exploit and pen testing scripts Experience in various debugging/reverse engineering/deobfuscation tools such as IDA Pro, WinDbg, metasm, miasm, VxStripper etc. Strong knowledge of threat modeling and analysis frameworks such as CWE, MITRE ATT&ACK framework, Mitre CAPEC library, OWASP Top10, OWASP ASVS etc. Good knowledge of low level interfaces of Linux and Windows platform Good knowledge of hardware architecture such as x86, x64 and ARM Good knowledge of reverse engineering Application frameworks such as .NET and Java excellent spoken and written communication skills to explain your methods to a technical and non-technical audience attention to detail, to be able to plan and execute tests while considering client requirements the ability to think creatively and strategically to penetrate security systems good time management and organizational skills to meet client deadlines ethical integrity to be trusted with a high level of confidential information the ability to think laterally and 'outside the box' teamwork skills, to support colleagues and share techniques exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done Good to have the certification in: CREST Registered Penetration Tester (CRT) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker (CEH) Certification GIAC Certified Penetration Tester (GPEN)