Cybersecurity Penetration Testing Specialist

About the Company

What we do - And why!

Mobility connects people. People shape mobility. With thousands of professionals worldwide, we develop advanced automotive systems, enabling safe, connected and software-defined vehicles. As vehicle architectures evolve toward higher connectivity, automation and service orientation, cybersecurity becomes a core system property.

About the Role

We are looking for a Cybersecurity Penetration Testing Specialist to strengthen our cybersecurity team with a focus on offensive security, penetration testing and security validation, while keeping a holistic view on automotive cybersecurity across the full vehicle lifecycle. This role is ideal for engineers who enjoy hands-on technical work, but can also adapt to different project contexts, customers and system scopes, remaining within a coherent cybersecurity technical domain.

Responsibilities

• Conduct vulnerability assessments, identify threat vectors, support Threat Analysis and Risk Assessment (TARA)
• Plan and execute automotive penetration testing on vehicle systems, ECUs and connected services across different E/E domains
• Perform offensive security testing using black-box, grey-box and white-box approaches
• Identify and analyze security weaknesses at hardware, firmware and software level, including in-vehicle networks and diagnostic interfaces
• Translate penetration testing findings into clear technical reports and actionable measures, supporting the integration of security measures into the design and development processes
• Conduct security gap analysis against automotive cybersecurity standards and regulations (ISO/SAE 21434, UNECE R155)
• Manage cybersecurity penetration testing activities, coordinating operational level testing engineers to ensure project delivery
• Stay up to date on automotive cyber threats, attack techniques and testing methodologies, continuously evolving internal capabilities
• Contribute to a cybersecurity-aware engineering culture through knowledge sharing and technical guidance

Qualifications

• Master’s degree in Computer Science, Electronics, Mechatronics, Vehicle Engineering or a related field

Required Skills

• Strong background in automotive cybersecurity, including penetration testing, vulnerability assessment and security validation of embedded systems
• Solid knowledge of automotive E/E architectures, in-vehicle networks (CAN, LIN, FlexRay, Ethernet), ECU software architectures, diagnostics and flashing mechanisms
• In-depth understanding of automotive cybersecurity standards and regulations (ISO/SAE 21434, UNECE R155)
• Hands-on experience in penetration testing, offensive security or security testing, preferably in automotive or embedded environments
• Ability to operate across multiple cybersecurity activities (penetration testing, TARA, security concept support, verification & validation), adapting to different project contexts
• Strong analytical and communication skills, with the ability to document findings and interact effectively with technical and non-technical stakeholders
• Experience with security testing tools, scripting or automation (e.G. Python, fuzzing frameworks) is a plus
• Project coordination mindset, with strong collaboration skills and experience working in multi-disciplinary teams
• Familiarity with certification processes & effective engagement with certification authorities
• Fluent English, German is a plus