Senior Penetration Tester

Tesserent is a full-service cybersecurity solutions provider. We partner with clients across Australia and New Zealand in the protection of their digital assets. With offices across Australia and New Zealand, we partner with clients to provide a full suite of cybersecurity services. Our mission is to be the sovereign cybersecurity provider of choice for the protection of Australia and New Zealand’s digital assets.

Tesserent are looking for a skilled and motivated security consultant to join our team of Canberra-based offensive security specialists. In this role you will work closely with clients to deliver Penetration Testing and Assurance works to cover a range of systems. This role is for an experienced individual who can provide cybersecurity advice to customers; and work collaboratively in team of Penetration Testers.

The successful application will have a demonstrable knowledge of offensive security tooling, and ability to articulate impact from identified vulnerabilities. A strong knowledge of coding and programming skills will be highly regarded. Good communication and inter-personal skills and a willingness to participate in team activities.

This role is based in Canberra and requires the successful applicant to hold a current NV1 security clearance.

Role Responsibilities:

• Ability to understand and articulate technical information around security practices, standards and cybersecurity, identifying risks and suggested improvements to support business operations,
• Strong knowledge and experience with ISM essential eight and hardening guidelines.
• Comfortable using Linux operating systems and offensive security tooling.
• Deep understanding of computer systems, computer networking, and IT infrastructure.
• Strong understanding of both front and backend web technologies and communication protocols.

Role Requirements: 

• Review system documentation and source code to assess security posture of a target platform.
• Perform penetration testing on web applications, mobile applications, networks, and systems.
• Utilise a range of offensive security tooling and techniques to identify vulnerabilities.
• Document and demonstrate exploit chains and attack vectors
• Engage with clients to understand their security needs and requirements.
• Plan and manage penetration testing engagements, ensuring they are delivered on time and within scope.
• Communicate clearly and effectively with clients throughout the engagement, from initial consultation to final debrief.
• Work with client's development and operations teams to advise on security best practices.
• Assist in the development and implementation of security policies and procedures.

Knowledge, Skills & Experience:

• Any relevant education or industry experience will be considered.
• Candidates holding one of the following certificates will be highly regarded: GPEN, GWAPT, GMOB, GXPN, GCPN, OSCP, OSWE, OSEP, OSEE, CREST, CISSP
• Demonstrated technical penetration testing experience and knowledge of security fundamentals.
• Experience working with Federal Government clients.
• Knowledge of security practices in large organisations.
• Knowledge of Federal Government IT Security standards.
• Ability to work independently and as part of a team.

Benefits:

• Opportunities to undertake technical training and secure industry recognised certifications.
• Flexible working arrangement with a healthy mix of remote and in-person work.
• Opportunities to work with some of the best cybersecurity professionals in the region, and to grow and develop your career.
• Extra leave day per year for your birthday.