Senior ML Security Engineer developing security tools and frameworks for ML workflows. Ensuring proactive vulnerability detection and compliance with ML security standards at NXP.
About the role
- Senior Consultant Penetration Testing role executing penetration tests on web and mobile applications and conducting security assessments. Collaborating with clients to enhance IT security across various sectors.
Responsibilities
- Apply hacking skills in the form of web, mobile app and infrastructure penetration tests or Red Teaming projects — remotely and on client sites
- Explain test results in detailed project reports and persuade clients with recommendations to improve their IT security
- Continuously take on new topics and learn current technologies, contribute to the development of internal tools or systems, and explore new tactics, techniques and procedures (TTPs)
- Stay up to date through company-sponsored conferences, training, experiments, regular knowledge transfers and joint internal CTF and HackTheBox sessions
- Gain exposure to adjacent areas, such as incident response/forensics or configuration audits
- Propose ideas for new projects and make a tangible contribution to building and expanding our client relationships
Requirements
- Several years of experience and broad technical knowledge across different areas (e.g., how networks work, operating system fundamentals, cloud platforms, Active Directory, databases, firewalls, web technologies and their typical security issues)
- Experience working with intercepting proxies (e.g., Burp), C2 frameworks (e.g., Cobalt Strike), vulnerability scanners and common operating systems, plus a desire to quickly become familiar with new tools
- Routine in producing reports and presentations in German and in communicating content clearly
- University degree or professional experience in this field, relevant certifications, or self-taught expertise with the willingness to deepen subject-matter knowledge in this area
Benefits
- We subsidize not only your JobRad (company bike) but also your public transport (ÖPNV) ticket, saving both the environment and your wallet.
- We support your gym membership and preventive health care.
- We enable work–family balance according to your needs, including the option for mobile/remote working.
- We offer 30 days of vacation per year. With only one vacation day you can take off on Christmas Eve and New Year's Eve. If you need a longer break, we offer the option of a sabbatical.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Lead a multidisciplinary team at NXP focused on the proactive identification and analysis of security vulnerabilities in semiconductor products. Drive innovative approaches to security testing and team management.
Security Architect designing security architectures for embedded products at NXP. Collaborating with teams on threat assessments and managing security requirements in IoT/Automotive domains.
Security Software Engineer at Pinterest developing IAM infrastructure and tools for identity and authorization. Collaborating on mission - critical features in a team - focused environment.
Senior Network and Security Information Analyst defining and implementing network and information security at Airbus. Managing security assets and compliance across the organization while documenting and reporting vulnerabilities.
Associate Consultant for Microsoft Security focused on supporting the delivery of security solutions. Collaborate with experienced consultants and learn in a remote - first environment with occasional onsite work.
Software Engineering Intern at Red Hat working on the security of software production pipelines. Contributing to projects involving AI tools and secure development practices in Brno, Czech Republic.
Technical support intern assisting clients and monitoring backup systems. Involves client interaction, system maintenance, and adherence to legal standards.
GRC Lead managing security compliance and risk governance in Egypt. Driving initiatives for ISO 27001 alignment and overseeing security audits and policies.
Cybersecurity Engineer responsible for safeguarding information systems and developing cyber security capabilities. Involves project management and collaboration through all phases of software development lifecycle.