Our federal Government Client is looking for an experienced Offensive Security/ Red Team Specialist. This is a 12 month contract role. The role is open for Sydney and Melbourne Candidates.
The Offensive Security Specialist will regularly conduct advanced penetration tests and ethical hacking to identify vulnerabilities in computer systems early thus helping prevent external threats that may occur in the agency.
As an Offensive Security Specialist, you will be a subject matter expert in your field. You'll have the ability to prioritise and take ownership, as well as assist the broader ICT Services Branch your knowledge and experience. You will be comfortable working collaboratively with both technical and non-technical resources with a high aptitude for learning in a fast-paced environment. We are looking for someone who has a passion and drive for working in a DevSecOps environment, working with the latest tools and technologies. As a cloud focused organisation, security is of paramount importance to us, and we are looking to strengthen our team's capability with this role.
To be successful in this role you will be responsible for:
- Performing penetration testing of applications and IT infrastructure
- Provide feedback into the design and build phase to ensure security requirements are captured up front
- Validating reported vulnerabilities, recommending appropriate mitigating strategies, and coordinating the follow up with relevant team members
- Work with Cyber Security teams and product owners to seek alignment between information security and business objectives.
- Providing strategic advice to the Director and Assistant Director Quality Assurance
- Investigate potential complex security issues and engage stakeholders appropriately
- Foster a positive culture within the Platforms & Integration team aligned with Agency values
- Work with the identify & access management team
- Building and maintaining effective working relationships with internal and external stakeholders
- Provide insight and integrate to monitoring and compliance tools
To be considered for this role you must:
- An Australian Citizen with the ability to obtain an NV1 Security Clearance
- Demonstrated ability in "capture the flag" activities
- Proven ability to define automated testing requirements across multiple platforms
- Proven experience producing highly technical and procedure documentation
- Sound understanding of AWS cloud infrastructure
- Demonstrated experience in offensive security and penetration testing across diverse platforms and technologies, including Web Applications, APIs, Mobile Apps, Kubernetes, Cloud environments, Networks, and Wireless infrastructures
- Knowledge and practical experience in network protocols
- Experience in Red Team Operations, conducting adversary emulation exercises
- Demonstrated high level conceptual, analytical, and problem-solving skills, and the ability to develop creative and innovative solutions to difficult and complex problems
- Ability to write tools and exploits in one or more languages such as Python, C, Node.js, golang
- OSCE/OSCP/GWAPT/GXPN/GMOB certification is a distinctive plus (any of those)
To be considered for the role click the 'apply' button or for more information about this and other opportunities please contact Irina Alrogi on +61 (0)2 6151 9203 or email: [email protected] and quote the above job reference number.
Paxus values diversity and welcomes applications from Indigenous Australians, people from diverse cultural and linguistic backgrounds and people living with a disability. If you require an adjustment to the recruitment process please contact me on the above contact details.