Senior Offensive Security Engineer (m/f)

Company Description

At Bosch, we shape the future by inventing high-quality technologies and services that spark enthusiasm and enrich people’s lives. Our promise to our associates is rock-solid: we grow together, we enjoy our work, and we inspire each other. 

Join in and feel the difference! 

Job Description

As a Senior Offensive Security Engineer, you will be a key member of our corporate central monitoring and overseeing team. Your role is to provide expert oversight and ensure the quality and effectiveness of our offensive security activities. You will act as a subject matter expert, guiding the organization in proactively identifying and mitigating complex security threats. 

Your key responsibilities will include: 

• Quality Assurance: Critically assess multiple penetration test reports from various internal and external teams to ensure the quality, accuracy, and completeness of the findings. 

• Vendor and Team Assessment: Evaluate the efficacy of penetration testing teams and vendors to build a panel of trusted, high-quality security partners. 

• Verification Testing: Be prepared to conduct independent, hands-on penetration tests to validate the quality of assessments performed by other teams. 

• Strategic Guidance: Support the development and implementation of the corporate cybersecurity resilience roadmap by providing an adversarial perspective. 

• Stakeholder Communication: Serve as a key liaison between the central cybersecurity team and business stakeholders, clearly articulating risks and recommendations to peers and senior management. 

• Knowledge Sharing: Interface with development and infrastructure teams to strengthen secure development and operational practices throughout the organization. 

Qualifications

• Industry Experience: 4-8 years of professional industry experience, with at least 5 years dedicated to cybersecurity roles. 

• Core Skills: Extensive, hands-on experience and deep technical knowledge in penetration testing is a primary requirement. 

• Broad Knowledge Base: You should have a wide-ranging security knowledge base, primarily focused on enterprise IT. Preferably, you also have some knowledge of product security and Operational Technology (OT) security. 

• Communication & Presentation: You must have excellent written and verbal communication skills in English, with a proven ability to create high-quality reports and present complex technical findings to both technical and senior management audiences. 

• Analytical Mindset: You possess strong analytical skills to assess reports, identify patterns, and evaluate the effectiveness of security assessments. 

• Learning Mindset: You have a passion for continuous learning and are driven to stay current with the ever-evolving landscape of security threats, vulnerabilities, and mitigation techniques. 

Additional or Preferred Qualifications 

• Relevant industry certifications such as OSCP, GPEN, GWAPT, GXPN, or CISSP are highly desirable. 

• Experience in Red Teaming, threat modeling, or vulnerability research. 

• Familiarity with major cloud platforms (AWS, Azure, GCP) and their security services. 

• Knowledge of cybersecurity frameworks like the MITRE ATT&CK framework. 

• Experience working within a large, global corporate environment. 

Additional Information

Bosch’s culture of innovation and digital transformation offers you a fantastic platform to grow your skills and enhance your network. We are dedicated to building a warm, open, transparent, and inclusive work environment for all.

Work #LikeABosch:

• Employment Contract
• Competitive salary + annual bonus
• Hybrid work with flexible working hours
• Referral Bonus Program
• Copyright costs for IT employees

Grow #LikeABosch:

• Complex environment of working, professional support and possibility to share knowledge and best practices
• Ongoing development opportunities in a multinational environment
• Broad access to professional trainings (incl. language courses), conferences and webinars

Live #LikeABosch:

• Private medical care and life insurance
• Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
• Prepaid Lunch Card 
• Number of benefits for families (for instance summer camps for kids)
• Non-working day on the 31st of December