Security Engineer - Red Team

Munich
IT & Security – Security
Full-time
We are AID GmbH: 
AID-Autonomous Intelligent Driving is bringing together the world’s top software, roboticists and AI talent to ignite a human centered revolution in autonomous driving. By understanding the human challenges as well as the engineering ones, the technology we are testing today on the streets of Munich will become the backbone of a universal self-driving system – capable of improving life in urban environments for billions of people. With the agility of a start-up and the support of Audi (VW Group), AID is free to craft an autonomous world that works for everyone – from manufacturers to passengers to city planners to pedestrians. For us, the future isn’t about merely making vehicles more autonomous, it’s about making people more autonomous.

AID is looking for an ethical hacker that can deliver technical firepower to execute tactical, offensive security assessments across our environments. This individual should have extensive experience across the attack lifecycle and demonstrated capacity to deliver goal oriented assessments that positively benefit our prevention, detection and response capabilities.
 
Security is of paramount importance to the development and testing of AID’s self driving system (SDS). It enables engineers to rapidly iterate the subtle consequences of any change to the SDS. In this Autonomous Vehicle (AV) Offensive Security role, you will help ensure the highest level of security of AID’s autonomous vehicles by engaging with all stages of the development lifecyle, from threat analysis to penetration testing. The goal is to identify security flaws in product designs and/or implementations related to AID’s autonomous vehicles and its connected ecosystem.

Responsibilities:

    • Development of threat models of autonomous vehicle systems (including connected ecosystem)
    • Model AID’s vehicle infrastructure and application stack from attacker’s perspective
    • Penetration testing of Autonomous Vehicle (AV) systems
    • Collaborating with engineering on security related information during development lifecycle
    • Keep abreast of new vulnerability and attack patterns as it relates to AV technology
    • Work with engineering teams to help build security knowledge and resolve security issues
    • Develop technical solutions to help mitigate security vulnerabilities
    • Advocate security and secure practices throughout AID
    • Conduct research to identify new attacks vectors against Autonomous Vehicles and related services
    • Take part in red team and offensive security exercises
    • Perform research to identify new 0-day vulnerabilities in the AV space
    • Build tooling to automate red teaming exercises and open-source wherever possible
    • Engage security researchers as part of bug bounty program to scale the testing

Skills:

    • 5+ years of penetration testing of computer systems/applications/networks
    • Deep expertise in reverse engineering software
    • Experience with devices security
    • Experience in tailored reconnaissance, weaponization, exploitation, and lateral movement
    • In-depth knowledge in C/C++
    • Practical threat modeling
    • In-depth technical knowledge of Unix OS
    • Curious and inventive thinker and not afraid to hack anything and everything

Qualifications & Experience:

    • BS/MS/PhD degree in Computer Science or similar technical degree, or equivalent practical experience
    • 5+ years of experience in network security
    • 5+ years of experience in vulnerability testing
    • Strong tool development experience in Python/Perl/RoR
    • Well versed in common application assessment tools
    • Research background in automotive security is a big plus
Life at AID GmbH: 
Our state-of-the-art offices are in the heart of beautiful Munich. We’re an agile, creative and dynamic start-up with people, innovation and teamwork at the core of our values. We reward our employees with excellent salary and benefits packages including, on-site language courses, mobile phone, subsidized lunches in the company bistro, subsidized gym membership, social events, BBQ’s and much more.
 
We value diversity and as an equal opportunities employer we encourage applications from all suitably qualified individuals. AID is a multicultural organization with employees from over 40 different countries, as such we provide visa and relocation support to all new employees. As an organization our primary business language is English, so where possible please provide a copy of your resume in English.
 
What are you waiting for? Help us to build the future.