About us
The Architecture Practice (TAP) is a leader in the Australian market offering excellent ICT Enterprise, Solution, Security and Business Architecture and superior Cyber security Services to a varied client base covering Government and Private Sector enterprises Australia wide.
Our team consists of qualified IT Consultants including architects, business analysts, GRC specialists, Security SME's and project managers who all aim to assist clients in identifying and prioritising their key architecture concerns for their organisation and providing breakthrough solutions translating strategy into actual processes.
TAP is a leader in the Australian market offering superior Enterprise, Solution and Business IT Architecture services to a varied Australian client base including Federal Government, State Governments, Local councils and Private sector.
About the role:
We currently have a vacancy for qualified and experienced Penetration Testers to join the TAP team. Our values are built on a foundation of strong work culture, ethics, and a determination to add value to every client we work with. We believe the most important part is for TAP's ethos to align with the principles that we incorporate within the organisation on a daily basis.
In this role, your key duties will include but not limited to:
* Assist and coordinate with the design, development, delivery and sustainment of a robust and comprehensive cyber assessment and testing capability.
* Select appropriate testing approach using in-depth technical analysis of risks and typical vulnerabilities.
* Produce test scripts, materials and test packs and tests new and existing networks, systems, or applications to identify vulnerabilities and non-conformance with standards and patterns. Provides advice on penetration testing to support others.
* Work with project teams, security/solution architect, application owners to develop penetration test scope that include relevant threat scenarios.
* Plan and drive penetration testing within a defined area of business activity. - Record and analyse actions and results and modify tests if necessary.
* Identify needs and implement new approaches for penetration testing. Contribute to security testing standards.
* Perform penetration tests on web applications, networks, and cloud platforms, document the findings and deliver the reports.
* Stay current with evolving threats, attack techniques, and security trends.
* Support the development of tools, scripts, and automation for common testing activities.
You will also be able to apply your advanced cyber assurance and cyber risks skills to:
* Interpret information assurance and security policies and apply these to manage risks.
* Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards, and guidelines.
* Plan, organise, and conduct information assurance and accreditation of complex domains areas, cross-functional areas, and across the supply chain.
* Undertake basic risk management activities. - Maintain documentation of risks, threats, vulnerabilities, and mitigation actions
About you:
As an integral part of the team, we'd expect that you would have:
* Bachelor's or master’s degree in computer science, Information Technology, Engineering, or a related field.
* Deep Knowledge of the Australian Government Information Security Manual (ISM).
* Understanding of the Protective Security Policy Framework (PSPF) and ability to Conduct Independent ICT System Security Assessments.
* Experience with Security Documentation & Reporting.
* Demonstrated vulnerability Assessment & Threat Analysis Skills.
* Knowledge of Security Governance & Compliance and Technical Understanding of Cloud Security.
* Practical Experience Conducting Security Control Testing.
* Ability to Engage with Stakeholders and Explain Technical Concepts.
Position Requirements
Skills & Experience:
* Good experience in a technical cyber security testing and assurance function.
* Detailed understanding of contemporary adversary tradecraft, effective controls, and models for adversary emulation (including Mitre ATT&CK)
* Demonstrated experience in successfully working with external vendors to perform the penetration testing.
* Problem Solving: Within clear organisational policies and business/professional principles jobholder applies analytical thinking to diverse problems. Diagnoses and develops solutions and may carry these through to implementation.
* Demonstrated experience in the application of security control and maturity frameworks such as ISM, NIST-CSF, AESCSF, CIS 18 / NIST 800-53, NIST 800-82.
* Demonstrated technical knowledge of a broad range of IT and security technologies, including:
* Identity and Access Management. Contemporary endpoint detection and response, vulnerability detection and management.
* Next generation web proxies, email gateways and firewalls. TCP/IP, Network Switches and Routers Network Firewalls and WAF's, Active Directory, Microsoft Servers, Linux Servers, VMware Servers, Web Servers, Database Servers, Messaging Systems, IAM systems, PKI, Encryption.
* SIEM, Security Log Analysis, Microsoft Sentinel, Incident Response Tooling, Forensic Tooling, Virtual security analysis environments.
* Microsoft Azure and Microsoft defender security capabilities, tooling, and practices.
Why join us?
At TAP, we work as one close‑knit team that supports, develops, and nurtures talent. With a diverse client base and a wide range of opportunities, we offer an environment where individuals can grow, flourish, and continually learn.
We will give you:
* The opportunity to work in a leading cyber security and IT startegy and Architecture‑focused organisation.
* Flexible work arrangements, including the ability to work from home.
* Engaging and meaningful projects across both Government and Private Sector clients.
* Professional development support, including in‑house training and access to external courses and conferences.
* A flat management structure that encourages collaboration and open communication.
* Annual performance reviews focused on growth and development.
* A strong social culture and a down‑to‑earth, inclusive working environment.
How to apply
If you feel that you have the necessary skill set for this role, please apply now via SEEK attaching a brief cover letter along with your up-to-date resume, detailing your suitability for the position. Australian Citizens only.
We look forward to hearing from you!