Penetration Tester Your new company A leading organisation committed to building secure, high-quality software and infrastructure. You will join a team that values strong security practices, continuous improvement, and technical excellence across application, infrastructure, and cloud environments. Your new role As a Penetration Tester, you will conduct in-depth security assessments across web applications, mobile apps, thick clients, networks, and infrastructure. You'll perform manual and automated penetration testing, secure code reviews, threat profiling, and vulnerability analysis. You'll collaborate closely with development and architecture teams, provide remediation guidance, and contribute to building a mature security posture across the organisation. What you'll need to succeed
9-12 years of total IT experience, with at least 9 years in penetration testing across applications, infrastructure, and mobile.
Strong hands-on experience in:
Web and thick-client penetration testing
Mobile application security testing
Infrastructure and network penetration testing
Secure code review across Java, ASP, .NET, C++, C#, PHP, etc.
Strong understanding of cryptography, authentication mechanisms, and secure development practices.
Ability to analyse application architecture, perform threat modelling, and conduct comprehensive manual reviews.
Deep knowledge of OWASP Top 10, SANS Top 25, and industry security standards.
Understanding of HTTP, SOAP/REST, SSL/TLS protocols.
Experience with relational databases: Oracle, MS-SQL, MySQL.
Strong skills in vulnerability analysis, impact assessment, and risk determination.
Experience leading security testing engagements and mentoring junior testers.
Excellent written, verbal, and presentation communication skills.
Familiarity with secure SDLC processes and security consulting.
Tools proficiency:
Secure code review: Checkmarx, HP Fortify, AppScan Source
Web app scanning: AppScan, HP WebInspect, Burp Suite Pro
Programming languages: Java, C, C++, .NET
Development knowledge: ASP.NET, ASP, PHP, J2EE, JSP
Database scanning: NGS, Scuba
Vulnerability scanning: Qualys, Nessus
Good to have:
Hands-on application development experience.
Experience using modern IDEs (Java/.NET/PHP); Eclipse is a plus.
Experience conducting network penetration testing and vulnerability assessments.
Exposure to Pre-Sales / RFPs.
Knowledge of compliance frameworks: ISO 27001, PCI DSS, HIPAA, SOX.
Security certifications such as CEH, CISSP, CISA, ECSA, LPT.
What you'll get in return A chance to work on challenging penetration testing engagements, influence security strategy, and strengthen the organisation's overall security posture. You'll gain exposure to a wide range of technologies, opportunities to lead and mentor, and a pathway to grow into advanced offensive security roles. What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. #2974201
All Job Ads are subject to GrabJobs’s Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by GrabJobs moderation team. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.
Be the first to receive the latest Others Full-Time Jobs in Australia.
Setup your job alert:
By activating job alerts, I agree to GrabJobs Terms & Privacy Policy. I can unsubscribe to job alerts anytime.
Skip
GrabJobs is the no1 job portal in Australia, connecting you to thousands of jobs fast!
Find the best jobs in Australia, apply in 1 click and get a job today!