Job description

Requirements

  • Entry level
  • No Education
  • Salary to negotiate
  • Beijing

Description

Objectives of the Position
•Providing a secure and trustworthy customer journey is one of our most important objectives. In order to expand our cybersecurity capabilities, Daimler Greater China (DGRC) is seeking a Cyber Security Offensive Specialist. He/she is responsible for consistently executing the global architecture and security strategy.
•The main objective for the Offensive Security Specialist is to perform penetration tests against critical applications within the DGRC application landscape.
•The Specialist will also support the identification and remediation of vulnerabilities resulting from penetration tests to meet DGRC and other Daimler China entities’ needs and business requirements.
•Offensive Penetration Testing: (80%)
-Penetration testing and reverse engineering of rich clients (like Java applets, Microsoft ActiveX or PAI rich client applications) and mobile apps (like iOS Hybrid- and Binary-Apps, Android Java and Native Apps and BlackBerry Java-Apps).
-Penetration testing of SAP systems and applications (like technical inspection of SAP ABAP and SAP Java).
-Penetration testing of infrastructure components.
-Penetration testing of web applications and web services.
-Supporting application development teams & projects in security concerns
-Support the system architecture to identify potential security threats and vulnerabilities and determine their impact.
-Coordinate with involved parties and monitor remediation activities.
-Provide guidance and recommendations for remediating application vulnerabilities.
-Cooperation in the implementation of best practice solutions in the security area.
•Consulting & Innovation Support: (10%)
-Provide expert consulting and on-demand support to innovation initiatives to drive speed to value.
-Provide expert security support and consulting within projects.
•Proactive Guidance: (10%)
-Actively communicate and keep abreast of the latest trends in application security and cyber security threats.
-Stay current on industry leading practices.
-Proactively identify opportunities for improvements in application security.
Task description
•Penetration testing, incl. re-tests, within the given DGRC application landscape has to be done according to a given Daimler IT/QG method for every single nominated DGRC application (e.g. nominated by ISO), broken down into the following steps:
-Coordinate with involved parties and monitor remediation activities.
-Communicate with ISO, Customer, ITS Operations and Application Owner
-Plan, assemble & analyze the IT infrastructure where the application is running, i.e.: OPM, Network structure, Architecture Diagrams, Operating Models, Security Profiles, Source Code…
•Set up and prepare the scanning tool (Nessus) – start scanning activities
•Analyze the results and try to penetrate the application (e.g. using OWASP)
•Rate the risks according to the Common Vulnerability Scoring System (CVSS)
•Describe penetration results, prioritize results according to the security risk
•Create tickets
•Create reports, e.g.: logs and log files, port-scan results, list of all compromised accounts, report in the reporting template predefined by IT/QG
-Entry points that have been identified
-Test methodology
-Management Summary
-Identified vulnerabilities with DREAD-rating including screenshots
-Recommended actions including linking to existing measures / Solutions in EPIC / Code Hard and Solution Space


About the company

Daimler AG is one of the world’s most successful automotive companies. With its divisions Mercedes-Benz Cars, Daimler Trucks, Mercedes-Benz Vans, Daimler Buses and Daimler Financial Services, the Daimler Group is one of the biggest producers of premium cars and the world’s biggest manufacturer of commercial vehicles with a global reach. Daimler Financial Services provides financing, leasing, fleet management, insurance, financial investments, credit cards, and innovative mobility services.

The company’s founders, Gottlieb Daimler and Carl Benz, made history with the invention of the automobile in the year 1886. As a pioneer of automotive engineering, Daimler continues to shape the future of mobility today: The Group’s focus is on innovative and green technologies as well as on safe and superior automobiles that appeal to and fascinate. Daimler consequently invests in the development of alternative drive trains with the long-term goal of emission-free driving: from hybrid vehicles to electric vehicles powered by battery or fuel cell. Furthermore, the company follows a consistent path towards accident-free driving and intelligent connectivity all the way to autonomous driving. This is just one example of how Daimler willingly accepts the challenge of meeting its responsibility towards society and the environment.

The brand portfolio of Daimler comprises Mercedes-Benz, Mercedes-AMG, Mercedes-Maybach, Mercedes me, smart, EQ, Freightliner, Western Star, BharatBenz, Fuso, Setra, Thomas Built Buses as well as Mercedes-Benz Bank, Mercedes-Benz Financial Services, Daimler Truck Financial, moovel, car2go and mytaxi.
