Senior IT Security Penetration Tester
Reserve Bank of Australia
We are Australia's central bank. We conduct monetary policy, work to maintain a strong financial system and issue the nation's currency.
This is an exciting opportunity to work in a highly mature cyber security team. This role sits within the Assessments and Testing team in the Bank’s IT security services. As part of the role, you will be working closely with a wide variety of stakeholders, liaising with project and technical teams to organise and undertake security testing against the Bank's network, perimeter, applications, and systems to identify vulnerabilities and minimise security risks for the Bank against current and emerging threats.
The key aspect of this role will be to undertake regular and ad-hoc penetration testing across RBA applications and infrastructure. As part of this role, you will:
- Be responsible for discovering vulnerabilities in a variety of systems including web application, infrastructure, mobile and wireless systems.
- Provide reports outlining identified vulnerabilities and present recommendations to IT and business teams.
- Dedicate time to vulnerability research on certain high-value applications or systems.
- Help participate in red team exercises to identify gaps in people, processes, and technologies.
- Engage in purple teaming activities to ensure the Bank's cyber posture can defend against relevant threats.
Your team: You will work with a team of incredibly smart people, who are very passionate about security. It is a challenging, fast-paced, and team-oriented environment with a great culture.
Your background: We are looking for someone who has strong experience in Network/Application penetration testing along with experience in presenting the identified vulnerabilities and recommendations to stakeholders at various levels effectively. Additionally, experience performing red/purple teaming engagements will be highly desirable.
To be successful in this critical role you will possess:
- Experience performing a broad range of penetration testing (network, web application, mobile etc.).
- Knowledge of information security principles and practices, and industry standards such as CORIE, ASD's Essential Eight, and ISM.
- In-depth knowledge of common offensive security tools (Burp Suite, Cobalt Strike, Metasploit).
- Comfortable programming in at least 1 language (Java, C#, Python) and knowledge of secure coding practices.
- Ability to present technical concepts to non-technical stakeholders and explain risk in a business context.
- Experience in conducting red/purple team engagements is beneficial but not required.
Your application should include a resume detailing your experience and qualifications.
The Reserve Bank of Australia is an equal opportunity employer. We are committed to creating a diverse and inclusive workplace and encourage applications from experienced candidates seeking workplace flexibility.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
