Senior Security Engineer (AI Red Team & AI-Assisted Penetration Testing) (f/m/d)

About the role

Location: Germany, Bayern, Munich
Company: Siemens Energy Global GmbH & Co. KG
Organization: EVP Global Functions
Business unit: Cybersecurity
Full-time/part-time: Full-time
Experience level: Experienced Professional

A Snapshot of Your Day

You start your day reviewing ongoing engagements and setting up AI-assisted reconnaissance and penetration tests in complex IT/OT environments. As you dig into systems, you combine automated insights with hands-on testing to uncover and validate vulnerabilities. Midday, you focus on evaluating and refining AI-driven security tools and workflows — checking their accuracy, validating results manually, and improving how they scale across projects. You also analyze AI-enabled applications, identifying risks like prompt injection or data leakage, and develop proof-of-concepts to demonstrate real impact. Throughout the day, you collaborate with engineers and stakeholders, translating findings into clear recommendations and helping teams strengthen their security posture. You wrap up by documenting results, sharing lessons learned, and contributing to better, more secure AI practices across the organization.

How You’ll Make an Impact

  • Assess IT/OT infrastructures, products and services using red team and penetration test methods with an explicit focus on AI-enabled/AI-targeting techniques (AI-assisted recon, vulnerability discovery, exploitation support, and reporting), while maintaining strong manual testing depth
  • Test and validate AI-driven security tools (e.g., LLM-based pentest assistants, agentic scanning workflows, code-audit assistants) by defining evaluation criteria, benchmarking accuracy/coverage, and verifying results with reproducible manual validation
  • Design, build and continuously improve an AI-driven red team platform (workflow orchestration, knowledge base/RAG, tool integrations, auditability, …) to scale engagements safely and consistently across teams
  • Perform security assessments of AI-enabled products and AI, including prompt injection, indirect prompt injection, tool/plugin abuse, data exfiltration, jailbreaks, insecure output handling, supply-chain risks, and model-level/ML pipeline threats
  • Drive vulnerability research and threat modeling for both classical and AI-specific attack paths; develop proof-of-concepts (scripts, harnesses, prompts, agent workflows) to demonstrate impact, rate findings (e.g., CVSS where applicable), and provide clear remediation guidance
  • Communicate AI and security risks to engineers and management; run lessons learned; coach teams on secure-by-design AI adoption (guardrails, data handling, evaluation, monitoring) and contribute to internal standards, playbooks, and training
What You Bring
  • Bachelor’s degree (or higher) in Computer Science, IT, Engineering, Data Science, or related field; demonstrated specialization in cybersecurity and/or applied AI
  • Hands-on experience in penetration testing or red team, plus proven experience applying automation/AI to scale offensive security work (tooling, scripting, pipelines, or platforms)
  • Strong knowledge of modern attack methods and hands-on pentest toolchains (e.g., Burp Suite, Nmap, Metasploit, Kali) combined with strong Python development skills and experience integrating/testing AI-based tools (LLM APIs, agent frameworks, retrieval, evaluation/benchmarking, and secure prompt engineering)
  • Ability to explain complex technical topics (security and AI) to both engineering teams and management, including limitations/uncertainty of AI-driven results and how they were validated
  • Practical experience assessing AI-enabled applications and architectures (APIs, microservices, cloud services, plugins/tools) and identifying AI-specific issues such as prompt injection, insecure tool invocation, data leakage via retrieval, and insecure output handling; experience with threat modeling is required
  • Proficiency in Python and at least one additional language (e.g., C/C++, Java, .NET) plus solid understanding of ML/LLM fundamentals (training vs. inference, embeddings, retrieval, evaluation). Experience with CI/CD, containers, and MLOps/LLMOps concepts (model/prompt versioning, telemetry, secure deployment) is highly valued. OT/ICS know-how (PLC/SCADA) remains a plus
  • Fluent English (verbal and written) including security and AI terminology; German is a plus
About the Team 

Our Global Functions are essential in driving the company's strategic initiatives and ensuring operational excellence across various departments, business areas, and regions. These roles support our vision to become the most valued energy technology company in the world. As part of our team, you contribute to our vision by shaping the global energy transition, partnering with our internal and external stakeholders, and conducting business responsibly and in compliance with legal requirements and regulations.

Who is Siemens Energy? 

At Siemens Energy, we are more than just an energy technology company. With ~100,000 dedicated employees in more than 90 countries, we develop the energy systems of the future, ensuring that the growing energy demand of the global community is met reliably and sustainably. The technologies created in our research departments and factories drive the energy transition and provide the base for one sixth of the world's electricity generation.

Our global team is committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation.      

Find out how you can make a difference at Siemens Energy: https://www.siemens-energy.com/employeevideo 

Our Commitment to Diversity 

Lucky for us, we are not all the same. Through diversity we generate power. We run on inclusion and our combined creative energy is fueled by over 130 nationalities. Siemens Energy celebrates character – no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences. 

Rewards/Benefits
  • In addition to an attractive remuneration package in line with the market, you can expect an attractive employer-financed company pension scheme
  • We also offer the opportunity to become a Siemens Energy shareholder
  • We offer our employees the opportunity to work flexibly and remotely, and our inspiring offices provide space for collaboration and creativity
  • The professional and personal development of our employees is very important to us. We provide them with the opportunities to learn and develop in a self-determined way; various attractive programmes and learning materials are available for this purpose
  • In relation to the "compatibility of family and work", we have a wide range of offers, e.g. flexible working time models, childcare places at many locations, the possibility of trial part-time work or even a sabbatical