Senior Penetration Tester
Siemens
Hello Visionary!
We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future.
Does that sound like you? Then it seems like you’d make a great addition to our vibrant team.
We are looking for a Penetration Tester.
This position is available for Chennai Location.
You’ll make a difference by:
• Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments.
• Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits).
• Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK.
• Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques.
• Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities.
• Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture.
• Actively participating in client discussions, executive briefings, and technical workshops.
• Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps.
• Maintaining robust documentation of testing methodologies, custom tools, and process improvements.
• Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards.
Training and Development
- Stay updated on the latest security trends, vulnerabilities, and technology advancements.- Provide training and guidance to the team and other departments on security best practices.
Strategy and Planning
- Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness.- Participate in the development of security policies and standards.
Technical Expertise
Deep hands-on experience in:
- Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API)- Internal/external network penetration, privilege escalation, and lateral movement- Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.)- Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels- Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing- Working knowledge of Kali Linux and frameworks like MITRE ATT&CK- Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems
Proficiency with tools such as:
- Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver- Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools- Vulnerability Scanners: Nessus, Qualys, Nexpose
Programming/Scripting:
- Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go
Soft Skills
- Excellent written and verbal communication skills- Strong analytical and problem-solving capabilities- Ability to explain technical concepts clearly to non-technical stakeholders
You’ll win us over by:
• Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record.
• 6–7 years of proven experience in penetration testing and offensive security
• Certifications (Preferred): - Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE- Other Considered: EWPTXv2 or equivalent advanced offensive security certifications
We’ll support you with:
• Hybrid working Opportunities.
• Diverse and inclusive culture.
• Great variety of learning & development opportunities.
Join us and be yourself!
We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us.
Make your mark in our exciting world at Siemens.
This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries.
Find out more about Siemens careers at: www.siemens.com/careers
We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future.
Does that sound like you? Then it seems like you’d make a great addition to our vibrant team.
We are looking for a Penetration Tester.
This position is available for Chennai Location.
You’ll make a difference by:
• Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments.
• Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits).
• Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK.
• Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques.
• Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities.
• Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture.
• Actively participating in client discussions, executive briefings, and technical workshops.
• Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps.
• Maintaining robust documentation of testing methodologies, custom tools, and process improvements.
• Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards.
Training and Development
- Stay updated on the latest security trends, vulnerabilities, and technology advancements.- Provide training and guidance to the team and other departments on security best practices.
Strategy and Planning
- Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness.- Participate in the development of security policies and standards.
Technical Expertise
Deep hands-on experience in:
- Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API)- Internal/external network penetration, privilege escalation, and lateral movement- Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.)- Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels- Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing- Working knowledge of Kali Linux and frameworks like MITRE ATT&CK- Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems
Proficiency with tools such as:
- Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver- Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools- Vulnerability Scanners: Nessus, Qualys, Nexpose
Programming/Scripting:
- Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go
Soft Skills
- Excellent written and verbal communication skills- Strong analytical and problem-solving capabilities- Ability to explain technical concepts clearly to non-technical stakeholders
You’ll win us over by:
• Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record.
• 6–7 years of proven experience in penetration testing and offensive security
• Certifications (Preferred): - Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE- Other Considered: EWPTXv2 or equivalent advanced offensive security certifications
We’ll support you with:
• Hybrid working Opportunities.
• Diverse and inclusive culture.
• Great variety of learning & development opportunities.
Join us and be yourself!
We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us.
Make your mark in our exciting world at Siemens.
This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries.
Find out more about Siemens careers at: www.siemens.com/careers
Confirmar seu email: Enviar Email