Cyber Security Test Engineer for Security & Privacy (m/f/d), Berlin

Mercedes-Benz Molsheim est une entreprise du groupe Daimler, spécialisée dans la transformation de véhicules industriels. 600 collaborateurs travaillent sur le site de Molsheim.

Responsibilities

• Verification and testing of security and privacy features
• Testability analysis of security and privacy requirements; verification and test strategy, automation plan; develop test cases and test automation; support for reproducing vulnerabilities; and verify fixes of vulnerabilities
• Identify different testing methods (static and dynamic) and tools for testing different security & privacy features
• Conduct penetration tests on defined milestones of the project
• Triaging security issues found by vulnerability scanning tools

Profile

Education:

• Academic degree (BSc/MSc/PhD) in computer science, Information Technology, or a comparable qualification demonstrable through any relevant certification, portfolio, GitHub repositories etc.

Experience:

• At least one year of working experience as a test engineer focusing on cyber security, as a penetration tester or similar experience
• Programming skills in language like C, C++, and Python and able to review codes written in these languages
• Knowledge of cryptography and its application on different cryptographic protocols (e.g. TLS, IPSec, HTTPS, SSH)
• Familiarity with different static/dynamic code analysis tools, binary analysis tools, software/network/hardware fuzzing tools, and vulnerability analysis tools

Nice to have:

• Academic degree with security engineering focus or prior working experience as system engineer for embedded Linux systems with a focus on security/privacy
• Penetration testing experience of embedded systems and software
• Good knowledge of Linux or any UNIX-like operating system and familiarity with different system hardening techniques
• Good understanding of different Linux Kernel security mechanisms like DAC, MAC, ACL, CGROUPS, Capabilities, seccomp, Linux namespaces, netfilter framework, Linux Security Modules (e.g. AppArmor, SMACK, SELinux), audit subsystem, and integrity management subsystem
• Basic understanding of privacy enhancing technologies and privacy regulations (e.g. GDPR)

Personal skills:

• Proficiency in problem solving and can-do attitude
• Ability to handle multiple competing priorities in a fast-paced environment
• Personal initiative, commitment, perseverance and resilience

Language skills:

• Proficient in English. German is a plus.