Daimler AG is one of the world’s most successful automotive companies with 130 year history started in 1886 by Carl Benz and Gottlieb Daimler, who invented the first gasoline engine in automobile and changed the way people travelled.
With its divisions Mercedes-Benz Cars, Daimler Trucks, Mercedes-Benz Vans, Daimler Buses and Daimler Financial Services, the Daimler Group is one of the biggest producers of premium cars and the world’s biggest manufacturer of commercial vehicles with a global reach.
About Mercedes-Benz Research & Development India
Headquartered in Bengaluru was founded in 1996 as a captive unit to support Daimler’s research, IT and product development activities.
We focus on topics ranging from computer-aided design and simulations (CAD, CAE) for powertrain, chassis and exteriors to embedded systems, telematics and developing various IT applications and tools.
The satellite office in Pune specializes in interior component designs and IT engineering. It is now one of the largest global R&D centers outside Germany, employing more than 3000 + skilled engineers.
It aims to partner closely with suppliers in India for its activities in product development and IT services.
As an Information Security Consultant, you will have to lead, manage and execute enterprise-wide security projects, including vulnerability assessments, methodology development, security advisory and research.
You may be required to engage with clients to understand their security needs, scope solutions and initiatives, drive the creation of project deliverables such as vulnerability reports and executive summaries, and support in the delivery of the project.
You will mentor the junior team members and help them grow as consultants. You will work as part of a larger team located across multiple geographies.
You must be able to relay that information to your colleagues and your non-technical family members with the appropriate degree of detail.
Lead and execute information security assessments.
Automate frequently executed controls with the aim to drive efficiency and increase coverage in assessments.
Monitor and report on progress of the ongoing projects.
Engage with the clients to understand the requirements, provide regular updates on project status, answer queries and present the reports and findings.
Stay updated with latest developments in the information security space.
Contribute to development of tools and knowledge banks.
Ability to monitor the security logs, events and implement appropriate strategies to address any issues that may arise.
Obtain a thorough understanding around all components of system conversions to perform competent assessments across various phases of the SDLC.
Must be flexible with providing assistance during non-working hours.
Must be willing to travel up to 25%-50% of time (domestic and international).
Knowledge & Skills
Expertise in the execution and delivery of information security assessments.
A deep understanding of the common software and network security vulnerabilities.
Ability to perform root cause analysis and deliver strategic recommendations during client reviews.
In depth understanding of the ISO72001 framework or of other enterprise security architecture stnadards / models.
Preferred if the candidate has ISO27001 Lead Auditor certifications. Added advantage if the candidate has ISO27001 Lead Implemented too.
Preferably, CISSP certified or have inclination to certify at the earliest. Relevant certifications (CCSP, CISA, GSEC, CEH, OSCP, CSSLP and GIAC) are a big plus.
Advantageous to have hands-on knowledge of in some of the tools that are used across various verticals of Information Security e.
g. network security, application security, DevSecOps, Cloud security etc.
Knowledge of cloud service models (SaaS, IaaS, PaaS) across major cloud providers (including, but not limited to Azure, AWS),
In-depth knowledge of TCP / IP, OSI models and related protocols.
Exposure in Ethical Hacking or Red Team & Cyber Kill Chain framework, network analysis tools such as Wireshark and TCP Dump.
Knowledge of all-source intelligence analysis researching data from multiple intelligence sources and databases and analyzing findings.
Expertise in any scripting language to drive automation of mundane tasks and controls testing during the audits. However, expertise in Python / PowerShell is preferred.
Education & Work Experience
Engineering degree or an equivalent and relevant Information Security experience.
6-10 years of experience in any of the information security / cyber security roles
Mature understanding of IT landscapes and the value of IT for industries.
Experience in working as a part of a multi-geography team an asset.