A leading State Government Client based in Parramatta is looking for a Security Penetration Tester. Initial 6 months contract role. APPLY NOW!!!
About the role:
The tester would be undertaking penetration tests of web applications, mobile applications, infrastructure, networks, and cloud applications, using a combination of manual and automated tools. The tester would also have to create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities.
- Identify cyber security weaknesses, explore impacts through exploitation, document results, and provide effective remediation recommendations.
- Documentation and presentation of results and providing effective remediation recommendations.
- Assist in security issue response in coordination with other teams across the company or externally, as required.
- Maintaining up-to-date industry knowledge of advancements in hardware and software technologies and their potential security implications.
- Develop solutions and testing approaches to problems for situations for which information is incomplete or for which no precedent exists.
- Problem-solving for issues and situations which arise prior to and as a result of penetration tests.
- Enforce relevant Information Security policies, standards, and operating procedures as required.
To be successful for the role, one must have:
- 5+ years experience in penetration testing across several of the following domains: web applications, mobile applications, infrastructure, networks, and cloud security.
- Experience testing critical transactional systems in industries such as government, and defence are highly desirable,
- Experience in advanced testing areas such as thick-clients applications, hardware and embedded systems, reverse engineering, POS terminals and ATMs, applied cryptography, block chain and smart contracts, exploitation of memory corruption flaws, fuzz testing, radio communications are all highly desirable.
- Experience in developing hacking tools, security research, advisories and presentations is an advantage.
- Demonstrated advanced knowledge of penetration testing.
- A strong understanding of information security governance, risk, and compliance.
- Advanced knowledge of common application security threats, such as SQL injection, Cross Site scripting etc.
- Advanced experience with tools such as Nessus, nmap, Kali, ZAP, Metasploit, Burp Suite, etc.
- Advanced knowledge of the OWASP and MITRE ATT&CK frameworks.
- Advanced knowledge of obfuscation and evasion techniques.
If this something that sounds like you, Please APPLY NOW!!!
To be considered for the role click the 'apply' button or for more information about this and other opportunities please
contact Shweta Sharma on (02) 9464 5855 or email email@example.com and quote the above job reference number.
Paxus values diversity and welcomes applications from Indigenous Australians, people from diverse cultural and linguistic
backgrounds and people living with a disability. If you require an adjustment to the recruitment process please contact me on the above contact details.