Requirements

Expected technologies

Java

SQL

Python

Our requirements

• Basic software development skills in Java/ Python/ SQL etc.
• Basic understanding of Cloud technology, with a fair understanding of services being offered by at least the major Cloud Service Providers.
• Previous experience with Security Engineering
• Experience working with agile methodologies (like SCRUM)
• Hands-on experience in penetration testing/ ethical hacking/ bug-bounty hunting would be preferable.
• Understanding of cyber security processes (vulnerability management, threat management, incident handling, security monitoring, etc.)
• Knowledge of Secure SDLC and secure architecture principles
• Knowledge of analytical tools to derive insights from assessment reports
• Knowledge of cybersecurity frameworks and standards like ISMS, NIST RMF, MITRE ATT&CK framework etc.
• Comfortable interacting with engineers for solving complex problems as well as senior management roles to apprise them of the cybersecurity perspective in existing processes.
• You are a self driven individual who is comfortable in an environment where priorities can change frequently.
• You have strong analytical thinking and the ability to use data insights to inspire new thinking and influence decisions.
• You own your decisions and the outcomes thereof towards the overall benefit of the broader organization.
• You like to explore the ever-changing knowledge graph to stay up-to-date with latest technology/ tools.
• You like to explore and get things done, you are not afraid of making mistakes and you like to learn more.
• Bachelor's Degree and 5+ years experience in cybersecurity/ enterprise engineering, product/technical program management.
• 2+ years of experience managing cross-functional and/or cross-team projects.

Optional

• Experience investigating security vulnerabilities and exploits
• Professional experience in security assessment, vulnerability management, triage, and communication
• Demonstrated knowledge of the Security Development Lifecycle (SDLC)
• In-depth knowledge or strong demonstrated capacity to learn product and service security concepts
• Ability to distill and explain complex technical and security concepts to different types of audiences
• Relevant Cybersecurity certifications like OSCP/ CISM/ CISA/ CISSP/ ISO 27001 LA

Your responsibilities

• Support the development and implementation of a Cyber Security resilience road map.
• Analyze the cybersecurity posture of software applications on web, cloud, enterprise to identify areas of concern and prepare road map for mitigation of common, recurring vulnerabilties
• Interface with development teams within the organization to strengthen cybersecurity practices
• Conduct and participate in resiliency exercises across domains to determine security requirements and specifications.
• Manage external and internal stakeholders' communication
• Maintain good communication with stakeholders in the governance vertical as well as the development and cybersecurity assessment verticals establishing synergy towards achievement of an organizational cybersecurity resilience.
• Support in development and implementation of information/ cyber security controls and change initiatives across the Bosch group.
• Support in deriving and implementing methods to improve cybersecurity in repetitive development processes.