Incident Response & Reverse Engineering Penetration Tester (f/m/d)

Náplň práce, právomoci a zodpovednosti:
Do you want to help shape the future of healthcare? Join our global Corporate Cybersecurity team as an Incident Response & Reverse Engineering Penetration Tester (f/m/d). In this mid-to-senior individual contributor role, you will strengthen the cybersecurity resilience of Siemens Healthineers products by combining Product Security Incident Response (PSIRT) with advanced offensive security and reverse engineering expertise.

Your Responsibilities
Product Security Incident Response (PSIRT)

• Triage, investigate, and manage security incidents affecting healthcare products and solutions
• Manage security forensic investigations by collecting, preserving, and analyzing electronic evidence from systems and devices
• Perform digital forensics and technical incident response across Windows, Linux, cloud, containerized, and embedded environments
• Analyze logs, memory, binaries, and network artifacts to determine root cause and impact
• Support containment, eradication, and recovery activities in close collaboration with product engineering teams
• Produce clear, high-quality incident reports, root-cause analyses, and post-incident documentation
• Coordinate incident handling activities across product security, legal, privacy, quality, and communications stakeholder

Reverse Engineering & Offensive Security

• Conduct reverse engineering of firmware, binaries, and applications to identify product vulnerabilities
• Perform vulnerability research including memory corruption, cryptographic weaknesses, and logic flaws
• Execute authorized penetration tests against products, healthcare devices, IoT components, and cloud platforms
• Align offensive findings with real-world attacker techniques using threat models such as MITRE ATT&CK
• Feed penetration testing and reverse engineering insights back into PSIRT processes and prevention measures

Zamestnanecké výhody, benefity:

• Variable and Christmas bonus
• Hybrid type of work – combination of telework and work from office
• Flexible Working Hours
• Bridge days – free extra paid leave 6 days per year
• 3 sick days per year (no doctor’s permit needed)
• In case of sickness 100% salary reimbursement 20 days/ year, this includes max. 10 days/ year for of family care
• Additional pension plan
• 300 EUR for regeneration of work force via cafeteria system
• Wellbeing program – Psychological, Legal and Financial Councelling
• Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)
• Retention program (work anniversary, life anniversary, employee loans)
• Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
• Adjustable standing desk as a standard
• Participation on world famous IT conferences like Microsoft IGNITE for best employees
• Wide project portfolio in healthcare domain and job rotation within company (Cybersecurity, Artificial Intelligence, Healthcare IT services, …)

Our Culture
At Siemens Healthineers, we value different perspectives, continuous learning, and collaboration. You will work in an international environment with highly skilled experts who are passionate about protecting innovative healthcare technology and improving patient safety worldwide.

Požiadavky na zamestnanca:

• 5+ years of experience in cybersecurity incident response, digital forensics
• Strong hands-on experience with reverse engineering and offensive security techniques
• Solid understanding of system, application, and product security threats
• Experience working in regulated, safety-critical, or high-assurance environments is highly beneficial
• Ability to remain structured, analytical, and effective during high-pressure incident situations
• Excellent written and verbal communication skills in English

Technical Skills

• Incident response and digital forensics methodologies
• Reverse engineering tools such as Ghidra, IDA Pro, Radare2, and debuggers
• Penetration testing frameworks and post-exploitation techniques
• Scripting and automation using Python, Bash, and/or PowerShell
• Familiarity with Windows, Linux, Active Directory, cloud platforms (Azure, AWS), and container technologies
• Threat modeling and attacker TTP analysis