Penetration Tester | Application Security Specialist

Company Overview

Daimler Truck is committed to enhancing its cybersecurity posture across global products and platforms. We emphasize innovation and security as foundational pillars of our mission, ensuring our systems are robust against evolving threats.

Job Summary

We are looking for a skilled and passionate Penetration Tester with a minimum of 7 years of hands-on experience in offensive security. The ideal candidate must be OSCP or CRTP certified and possess deep technical expertise in identifying vulnerabilities. This role will contribute directly to improving the cybersecurity posture of Daimler Truck's global products and platforms.

Responsibilities

• Perform penetration testing and security assessments of web applications, APIs, Android, iOS, cloud infrastructure, embedded systems, and network environments.
• Conduct threat modeling and vulnerability assessments during different stages of the Software Development Lifecycle (SDLC).
• Simulate real-world attacks to identify potential security weaknesses in enterprise and automotive systems.
• Provide detailed and well-documented reports of findings with actionable remediation guidance.
• Collaborate with development, architecture, DevOps, and infrastructure teams to mitigate vulnerabilities and strengthen security controls.
• Perform retesting to validate resolved vulnerabilities.
• Stay current on the latest attack techniques, vulnerabilities, and tools in the cybersecurity domain.
• Contribute to internal knowledge bases, red team frameworks, and automation of recurring testing processes.

Qualifications

• Minimum 4-5 years of professional experience in penetration testing, ethical hacking, or red teaming.
• Mandatory certification: OSCP or CRTP.
• Solid experience using penetration testing tools such as:
  • Burp Suite
  • Metasploit
  • Nmap, Nikto, SQLmap, John the Ripper, Hydra, etc.
• Proficiency in scripting languages like Python, Bash, or PowerShell for automation.
• Strong understanding of:
  • OWASP Top 10 vulnerabilities
  • Secure coding practices
  • Network protocols and architecture
  • Web and mobile application security
• Experience working in Linux and Windows environments.
• Familiarity with threat modeling and security frameworks like MITRE ATT&CK, NIST, and STRIDE.

Preferred Skills

• Additional certifications in security and penetration testing domains.
• Experience with automation in security testing processes.

Experience

At least 7 years of hands-on experience in penetration testing or related fields is required.

Environment

Work setting and location are not specified, but typical environments could include office-based or remote settings that focus on collaboration and security.

Salary

Salary details are not specified.

Growth Opportunities

Potential career advancement opportunities within the cybersecurity team may include senior technical roles or specialized security positions.

Benefits

Details on offered benefits are not specified.