Role & responsibilities

To identify, assess, exploit, and help remediate security vulnerabilities in KB embedded products, software, and components by performing penetration testing, technical security assessments, and targeted analysis of SBOM-based findings supported by vulnerability monitoring platforms (e.g., Dependency-Track). The role supports the Product Security Engineering team in improving product resilience, strengthening the secure product lifecycle, and ensuring alignment with KB vulnerability management processes and product security requirements.

Preferred candidate profile

- Very good knowledge of cybersecurity terms and concepts

- Strong hands-on experience in penetration testing of embedded systems, firmware, and connected products

- Strong IT infrastructure background

- Extensive software development experience

Experience with Vulnerability Management of embedded system, CI/CD security

- Support development teams in analyzing the impact of security vulnerabilities in third party components on their products, including embedded devices as well as cloud-based systems and applications.

- Assess vulnerabilities using CVSS methodology, write descriptions and

mitigation recommendation for internal development teams as well as

customers

- Support development teams integrating vulnerability management into their development process/tools, creating SBoMs etc

- Work on topics self-dependent and target oriented

- Consult KB colleagues on a worldwide basis with respect to technical security topics

- Call on-duty - 1 week once per 6 weeks to cover critical incidents