Stellendetails zu: Auditor – Vulnerability Identification, Penetration Testing, Software & IT (d/m/f/x)
Auditor – Vulnerability Identification, Penetration Testing, Software & IT (d/m/f/x)
Auditor – Vulnerability Identification, Penetration Testing, Software & IT (d/m/f/x)
Kopfbereich
Besondere Merkmale
Arbeitsort
StuttgartAnstellungsart
VollzeitBeginn
ab sofortBerufsbezeichnung
- IT-Tester/in
Stellenbeschreibung
Tätigkeitsbereich: IT/Telekommunikation
Fachabteilung: Audit Digital
Gesellschaft: Mercedes-Benz Group AG
Standort: Stuttgart
Startdatum: 27.04.2026
Veröffentlichungsdatum: 27.04.2026
Stellennummer: MER00042A2
Arbeitszeit: Full time
Aufgaben
The Mercedes-Benz Group AG is one of the world’s most successful automotive companies. With Mercedes-Benz AG, the vehicle manufacturer is among the largest providers of premium and luxury passenger cars and vans.
Becoming part of Mercedes Benz means finding the area of responsibility in which you can develop your talents individually. It means giving your best in a global automotive company with the goal of building the world’s most desirable cars. In doing so, you will be supported by visionary colleagues who share your pioneering spirit. Together for excellence.
About Us:
Corporate Audit of Mercedes Benz AG is an independent and objective assurance function.
We support the company in identifying, assessing, and managing technological, digital, and cyber risks in a transparent and sustainable manner, in accordance with the International Standards for the Professional Practice of Internal Auditing (IIA / IPPF) and DIIR requirements. To strengthen our team, we are looking for an Auditor (m/f/d) with strong Cyber Security and Offensive Security expertise who not only assesses risks conceptually, but technically validates them.
Your Role:
In this position, you combine internal audit responsibilities with hands on offensive cyber security expertise. You audit where risks are most critical: software, IT systems, digital platforms, and connected architectures.
Key Responsibilities:
As an auditor, you examine and evaluate end-to-end processes, systems as well as software and IT landscapes with a focus on cyber and software risks.
- Cyber Security & Offensive Testing - Perform authorized vulnerability assessments and penetration tests as part of audit and special engagements (e.g. “friendly attack”, assumed breach scenarios). Conduct technical testing of Applications, APIs, and platforms, IT infrastructure, networks, and identity environments, Cloud, hybrid, and connected systems. Validate vulnerability scanner results and third party penetration test findings
- Audit & Security Assurance - Independently plan, execute, and follow up audits in line with IIA Standards (IPPF) and DIIR, assess the effectiveness of technical and organizational security controls (confidentiality, integrity, availability, traceability), evaluate governance, risk, and control systems in IT and software environments, support audit readiness, remediation tracking, re testing, and closure verification
- Reporting & Management Communication - Prepare concise, management ready audit reports including clear risk assessments, verifiable evidence, actionable and prioritized recommendations. Communicate complex technical findings clearly to IT and software owners, auditees and (top) management
- Methods & Continuous Improvement - Apply and further develop audit and security methodologies (e.g. OWASP, MITRE ATT&CK, NIST, ISO standards), use modern tools and AI supported analysis and testing techniques, actively contribute to the advancement of cyber security audit approaches and technology enabled audit practices
Qualifikationen
Professional Qualifications:
- University degree in Computer Science, IT Security, Software Engineering, Business Informatics, or comparable
- Several years of professional experience in Cyber Security / Offensive Security / Penetration Testing, Vulnerability Management or Software / IT Security, ideally complemented by experience in Internal Audit or audit relevant environments
- Strong knowledge of Application and API security, IT, cloud, and hybrid architectures, authentication, authorization, and privilege concepts, confident use of professional penetration testing tools and manual testing techniques
- Basic understanding of audit compliant work according to IIA / IPPF
Personal Competencies:
- Strong analytical and conceptual thinking skills
- Ability to explain complex technical risks in a clear, structured, and management relevant manner
- Strong cyber security mindset combined with high integrity and sense of responsibility
- Confident communication skills, including in critical discussions on cyber and IT risks
- Team oriented, proactive, and professional attitude as part of an independent audit function
- Willingness to travel for business purposes (several times per year, including longer assignments)
- Certifications (Beneficial, Not Mandatory): offensive security certifications (e.g. OSCP, OSCE, CRTO, GPEN or comparable), CIA, CISA, or comparable audit / security certifications, cloud or platform security certifications
What We Offer:
- Highly relevant audit work at the intersection of Internal Audit and Cyber Security
- Direct impact on cyber resilience, product security, and system integrity
- High visibility and close interaction with management, IT, and security units
- Deep insights into complex, future oriented IT and software landscapes
- Structured professional development in audit, security, and emerging technologies (including AI)
- Modern, flexible working models based on trust and personal responsibility
Additional Information:
This is a permanent position.
We look forward to receiving your online application with a resume, cover letter, and certificates. Please do not forget to mark your documents as "relevant for this application" in the online form and note the maximum file size of 5 MB.
Severely disabled applicants and applicants with equivalent status are welcome! The representation for severely disabled employees (sbv-zentrale@mercedes-benz.com) will gladly support you in the application process.
For questions about the application process, HR Services will be happy to assist you via email atmyhrservice@mercedes-benz.comor by phone: 0711/17-99000 (Monday to Friday between 10am-12pm and 1pm-3pm).
Benefits
- Barrierefreiheit
- Kantine, Café
- Kinderbetreuung
- Coaching
- Betriebsarzt
- Mobilitätsangebote
- Mitarbeiter Events
- Mitarbeiterrabatte möglich
- Mitarbeiterbeteiligung möglich
- Mitarbeiterhandy möglich
- Essenszulagen
- Gesundheitsmaßnahmen
- Hybrides Arbeiten möglich
- Lebenslanges Lernen
- Betriebliche Altersversorgung
- Parkplatz
- Gute Anbindung
- Flexible Arbeitszeit möglich
Kontakt
Meike Siebert
Email: meike.siebert@mercedes-benz.com
Mercedesstr. 120
70372 Stuttgart
Arbeitsorte
Unternehmensdarstellung: Mercedes-Benz Group AG
Mercedes-Benz Group AG
Die Mercedes-Benz Group AG (ehemals Daimler AG) ist eines der erfolgreichsten Automobilunternehmen der Welt. Mit der Mercedes-Benz AG gehören wir zu den größten Anbietern von Premium- und Luxus-Pkw und Vans. Die Mercedes-Benz Mobility AG bietet Finanzierung, Leasing, Fahrzeugabos und –miete, Flottenmanagement, digitale Services rund um Laden und Bezahlen, die Vermittlung von Versicherungen sowie innovative Mobilitätsdienstleistungen an.
In diesem Dokument befinden sich aus Sicherheitsgründen keine Kontaktdaten des Arbeitgebers. Wenn Sie diese sehen möchten, lösen Sie bitte die Sicherheitsfrage und laden Sie das PDF erneut.