Senior Penetration Tester Role
A highly skilled and experienced penetration tester is required to join our team as a Senior Security Analyst. This role will involve working with peers in cyber security, digital, and across the broader business to scope, plan, and execute penetration testing independently and/or in collaboration with external vendors.
About The Position
* This position requires a strong understanding of contemporary adversary tradecraft, effective controls, and models for adversary emulation, including Mitre ATT&CK.
* The successful candidate will have demonstrated experience in successfully working with external vendors to perform penetration testing.
Key Responsibilities
1. To assist and coordinate with the design, development, delivery, and sustainment of a robust and comprehensive cyber assessment and testing capability.
2. To select appropriate testing approach using in-depth technical analysis of risks and typical vulnerabilities.
3. To produce test scripts, materials, and test packs and tests new and existing networks, systems, or applications to identify vulnerabilities and non-conformance with standards and patterns.
4. To work with project teams, security/solution architect, application owners to develop penetration test scope that include relevant threat scenarios.
5. To plan and drive penetration testing within a defined area of business activity.
6. To record and analyse actions and results and modify tests if necessary.
Requirements
* Good experience in a technical cyber security testing and assurance function preferably with critical infrastructure in the Energy Sector.
* Detailed understanding of contemporary adversary tradecraft, effective controls, and models for adversary emulation (including Mitre ATT&CK).
* Demonstrated experience in successfully working with external vendors to perform penetration testing.
* Problem Solving: Within clear organisational policies and business/professional principles jobholder applies analytical thinking to diverse problems.
* Demonstrated experience in the application of security control and maturity frameworks such as ISM, NIST-CSF, AESCSF, CIS 18 / NIST 800-53, NIST 800-82.
Benefits
This position has a national focus and may require interstate travel and the ability to work flexible hours.
Must be an Australian citizen with the ability to attain and maintain an appropriate level of national security clearance.
Tertiary qualifications in computer science or technology-related field, or equivalent work or education-related experience.
OSCP or other relevant certifications desirable.