Penetration Tester | Application Security Specialist

Company Overview

Company information is not specified in the provided details.

Job Summary

We are seeking a skilled and passionate Penetration Tester with at least 4 years of hands-on experience in offensive security. The ideal candidate must hold either OSCP (Offensive Security Certified Professional) or CRTP (Certified Red Team Professional) certification, possess deep technical expertise in identifying vulnerabilities, and have a strong command of tools such as Burp Suite, Metasploit, and others used in red teaming and security testing. This role will directly contribute to enhancing the cybersecurity posture of Daimler Truck's global products and platforms.

Responsibilities

• Perform penetration testing and security assessments of web applications, APIs, Android, iOS, cloud infrastructure, embedded systems, and network environments.
• Conduct threat modeling and vulnerability assessments during various stages of the Software Development Lifecycle (SDLC).
• Simulate real-world attacks to identify potential security weaknesses in enterprise and automotive systems.
• Provide detailed reports of findings with actionable remediation guidance.
• Collaborate with development, architecture, DevOps, and infrastructure teams to mitigate vulnerabilities and strengthen security controls.
• Perform retesting to validate resolved vulnerabilities.
• Stay current on the latest attack techniques, vulnerabilities, and tools in the cybersecurity domain.
• Contribute to internal knowledge bases, red team frameworks, and automation of recurring testing processes.

Qualifications

• Minimum 4-5 years of professional experience in penetration testing, ethical hacking, or red teaming.
• Mandatory Certification: OSCP or CRTP.
• Solid experience using penetration testing tools such as:
  • Burp Suite
  • Metasploit
  • Nmap, Nikto, SQLmap, John the Ripper, Hydra, etc.
• Proficiency in scripting languages like Python, Bash, or PowerShell for automation.
• Strong understanding of:
  • OWASP Top 10 vulnerabilities
  • Secure coding practices
  • Network protocols and architecture
  • Web and mobile application security
• Experience working in Linux and Windows environments.
• Familiarity with threat modeling and security frameworks such as MITRE ATT&CK, NIST, and STRIDE.

Preferred Skills

• Additional knowledge of advanced security practices and tools relevant to the penetration testing field is a plus.

Experience

• At least 4-5 years of relevant experience in penetration testing, ethical hacking, or red teaming.

Environment

• Work environment details are not specified in the provided information.

Salary

• Salary details are not specified in the provided information.

Growth Opportunities

• Details regarding potential career advancement opportunities are not specified in the provided information.

Benefits

• Benefits details are not specified in the provided information.