Harman

About the Role

We’re looking for a Vulnerability Management Expert to join our Global Product Cybersecurity team. You will be cooperating with the Vulnerability Manager and collaborate closely with the CTI automation, pentesting team and IT security. The Vulnerability Management team identifies and prioritizes all threats and vulnerabilities in our Product environment and provides respective reports to key stakeholders. If you are passionate about Product Security and want to develop solutions that will secure our enterprise across all Harman lines of business, then we want to talk to you.

What You Will Do

• Closely collaborate with the Harman global Vulnerability Management (VM) team and ensure smooth operations.
• Drive and lead the analysis, rate, and confirm vulnerabilities reported by external researchers, as well as new technical vulnerabilities according to their business impact and prioritize remediation activities.
• Lead the Development of VM-related applications / scripts as well as provide Software Quality Assurance.
• Lead peripheral application and infrastructure patching tasks on the vulnerability remediation process.
• Lead tasks and root cause analysis for incident response for critical vulnerability
• Mentor less experienced team members in growth and support the vulnerability manager

What You Need

• BA/BS or MS Degree in a relevant field or 3-6+ years of industry experience in a cyber security role
• SANS GIAC Enterprise Vulnerability Assessor Certification, Penetration Tester, Web Application Penetration Tester, Exploit Researcher and Advanced Penetration Tester
• 3-6+ years in a technical cyber security position within corporate, military, or law enforcement.
• Experience in IT, embedded systems, hardware testing, threat intelligence, or cyber security.
• An honest professional with significant influence on team dynamics, promoting a culture of knowledge sharing and collaboration.
• Ability to work under pressure, facilitating discussions and decisions.
• Experiences in improving a vulnerability management process, incident response process handling and/or vulnerability-scanning concepts in OT/ICS, embedded or product environment.
• Excellent knowledge of cyber security standards, risks, threats, prevention measures, and best practices.
• Proficient in programming/scripting languages like Python, bash, ruby.
• English (C1-C2); German is beneficial.
• Capable of providing specialized guidance and managing tasks autonomously.
• Understanding of software/hardware and cybersecurity controls, frameworks, and terminology.

What is Nice to Have

• Cybersecurity experience (preferably from IT/OT and IoT/automotive)
• At least one of the following certifications or a similar one will be a plus:
  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Certified Expert (OSCE)
  • ISC2: CISSP
• Knowledge of cybersecurity standards and organizations (CC, FIPS, NIST)
• Risk management knowledge
• Active participation of conferences, consortiums, CTFs (capture the flag)
• Publications, Blogs or Repos of past Cybersecurity work
• Knowledge of CSIRT or PSIRT

What Makes You Eligible

• Be willing to travel up to 5% of the time, domestic and international travel.
• Be willing to work in an office in Europe (TBD)

What We Offer

• Work in international project team with the biggest worldwide automotive customers,
• Training on the job and technical trainings,
• Further development opportunity.
• A great package of additional benefits such as:
  • flexible working time,
  • private healthcare (LuxMed),
  • Mybenefit cafeteria,
  • Language learning platform- eTutor,
  • employee discounts on HARMAN products (JBL),
  • game room,
  • additional days off,
  • and much more…