Cybersecurity Manager_MPIN
Key Responsibilities

Cybersecurity Manager is required to have the following 02 key responsibilities :-

1. Project Security Manager
- Support the IT Owner or Product Responsible Office in the implementation of the cybersecurity requirements, as per Cybersecurity related policies and procedures
- Support the creation and maintenance of cybersecurity relevant documentation
- Act as the first point of contact regarding cybersecurity within the team developing or operating the IT System or Bosch Product
- Distribute information regarding Cybersecurity related policies and procedures within the team developing or operating the IT System or Bosch Product
- Support decisions on how to proceed with cybersecurity-relevant changes, vulnerabilities, and cybersecurity incident response

2. Penetration Tester
- Scoping and execution of penetration tests against a variety of technologies including web application, mobile and infrastructure
- Simulate cyber attacks to identify system vulnerabilities
- Develop penetration testing methodologies
- Prepare detailed reports on the findings of penetration tests
- Recommend and implement improvements to security policies
- Keep abreast of the latest penetration testing tools and techniques
- Train staff on security awareness and procedures
- Collaborate with IT staff to improve system security
- Conduct security audits and provide recommendations for improvements
- Identify and report findings to management
- Act as the subject matter expert for the firm on all aspects of Penetration Testing

Required Competencies

As Project Security Manager
- Must have a suitable academic background, e.g., Bachelor's in Computer Science
- Must have the necessary communication and networking skills to communicate with the Project Teams, for both internal and external customers
- Deep understanding of the Cybersecurity related policies and procedures
- Any Three (03) of the following Domain-specific competencies :-
  - Secure Software Development
  - Security Testing
  - Communication and Network Security
  - Cloud security
  - Web Security and Application Security
  - Cryptography
  - Identity and Access Management
  - Security Architectures and Engineering
  - Security of Connected Products
  - Hardware Security
  - Embedded Security
- All of the following competencies :-
  - Incident Response
  - Risk Management
  - Vulnerability Management
  - Cybersecurity relevant Laws, Regulations, and Standards
  - Product Liability
  - Project Management Skills
  - Knowledge of the Target Domain
  - Knowledge of the MPS's operational procedures along the product or IT System life cycle
  - Leadership skills
  - Communication and Moderation skills
  - Cooperation and Networking skills
  - Trainings and Coaching skills

As Penetration Tester
- Networking Fundamentals: Understanding TCP/IP, DNS, HTTP/HTTPS, routing, subnets, NAT, common ports and services is crucial for analyzing attack paths and understanding how data flows through networks
- Operating System Mastery: Proficiency in Linux and Windows is essential for handling various operating systems and their unique vulnerabilities
- Programming & Scripting: Skills in Python for automation and Bash for Linux workflows are valuable for building and managing penetration testing tools
- Web Application Security: Knowledge of OWASP Top 10 vulnerabilities, authentication flaws, session issues, SQL injection, cross-site scripting, and other web application security risks is critical
- Mobile Application Security: Knowledge of OWASP Top 10 vulnerabilities, and latest tools and techniques for Android and iOS App Penetration Testing
- Protocol Level Exploitation: Port Scanning, SQL Injection, DNS Spoofing, HTTP/HTTPS/TLS Attacks
- Cloud Security Basics: Understanding cloud security concepts, identity and access management, and storage exposure is important
- Tool Mastery: Familiarity with various penetration testing tools and the ability to perform manual testing and report findings is necessary. Mastery of the following tools is mandatory :-
  - Burp Suite
  - Nessus
  - OpenVAS
  - Metasploit
  - Nmap
- Communication & Report Writing: Effective communication and the ability to write clear and concise reports are essential for conveying findings and recommendations to clients
- Certifications (desirable): Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or CompTIA Security+

Secure