About the Role
The Department of Education is seeking a skilled Offensive Security Analyst to strengthen the security of Victoria's largest and complex technology environment. In this hands‐on role, you will proactively test and challenge the Department's cyber defences by emulating real‐world attack techniques.
You will deliver penetration testing, red team activities, and vulnerability assessments across web applications, infrastructure, cloud platforms, and enterprise systems. Working closely with internal teams and external panel providers, you will identify security weaknesses and provide clear, risk‐based remediation advice to both technical and executive stakeholders.
Key Attributes
You are an experienced penetration tester or offensive security practitioner with strong technical capability and a methodical approach to identifying and testing security vulnerabilities.
You will bring
* Demonstrated experience delivering penetration testing across applications, infrastructure, cloud, and enterprise environments
* Strong knowledge of offensive security frameworks (e.g. MITRE ATT&CK, PTES, OWASP Top 10)
* Proven ability to produce clear, risk‐rated findings and remediation reports
* Automation skills using Python, Bash, or PowerShell
* Ability to communicate complex technical risks to technical audiences to support remediation and security uplift initiatives
Desirable
* Experience in red team operations or adversary emulation exercises
* Experience in mapping attack techniques to frameworks such as MITRE ATT&CK
* Experience in supporting security assurance activities or large‐scale technology programs
* Ability to contribute to the development and improvement of security policies and standards
* Ability to define standards and guidelines for security uplift
Essential Qualifications and Experience
* Bachelor's degree or Diploma in Cybersecurity, Computer Science, Information Technology, or a related field
* Certification in offensive security testing (e.g. CEH, OSCP, OSWE, etc)
About the Branch
The Information Security Branch (ISB) is part of the Information Management and Technology Division (IMTD) which guides the Departments' digital capability and is leading digital transformation for education in Victorian government schools.
With the increasing sophistication of cyber threats, ensuring the privacy and safety of our staff and students online is more important than ever. As part of the ISB, you will play a critical role in ensuring the delivery of adversary‐led testing within ISB to validate controls, prioritise remediation, and strengthen departmental cyber resilience. Your work will provide proactive identification of real‐world attack risks to strengthen IMTD assurance, resilience, and stakeholder confidence across systems.
About the Division
The Information Management and Technology Division (IMTD) plays an essential role in delivering technology services across Victoria's government schools, corporate, and early learning environments. IMTD supports one of the largest and most complex technology networks in the state, servicing more than 1,500 government schools, approximately 50,000 teachers, and over 650,000 students.
IMTD's mission is to deliver secure, modern, and high‐quality technology solutions that enable excellence across education and corporate services. The division is committed to providing reliable, user‐centred technology, underpinned by strong governance, accountability, integrity, and respect.
IMTD provides innovation and leadership in the transformation and management of the Department's digital capability, including the delivery of infrastructure services (IaaS), enterprise cloud platforms (PaaS), and software solutions (SaaS). Through this work, IMTD ensures that technology services are secure, scalable, and resilient to meet the evolving needs of the education sector.
Further Information
For further details regarding this position, please refer to the attached position description, which outlines the key capabilities and requirements to be addressed in your application.
The Department of Education values diversity and inclusion in all forms, including gender, religion, ethnicity, LGBTIQ+, disability, and neurodiversity. Aboriginal and Torres Strait Islander people are strongly encouraged to apply.
#J-18808-Ljbffr