Senior Technical Advisor - Penetration Testing
Brisbane, QLD, AU
Acknowledgement of Country
CSIRO acknowledges the Traditional Owners of the land, sea and waters, of the area that we live and work on across Australia. We acknowledge their continuing connection to their culture and pay our respects to their Elders past and present. View our vision towards reconciliation
Child safety
CSIRO is committed to the safety and wellbeing of all children and young people involved in our activities and programs. View our Child Safe Policy.
The opportunity
- Supportive and truly inclusive environment.
- Innovative and rewarding workplace with fantastic flexibility
- Enhance your career with Australia's premier research organisation
As part of CSIRO’s Information Management and Technology (IMT), Cyber Security Resilience team plays a pivotal role in protecting CSIRO’s information assets to enable achievement of nation’s science and research objectives. The key capabilities this team delivers include cyber assurance & advisory, cyber architecture & engineering, third-party cyber risk management, vulnerability management and penetration testing.
The CSIRO Cyber Security Resilience team is seeking a highly skilled Senior Technical Advisor (Penetration Tester). The candidate will be responsible for conducting comprehensive penetration testing engagements across our network infrastructure, applications, and cloud environments. This role demands a deep understanding of security best practices, advanced exploitation techniques, and a passion for uncovering vulnerabilities across multiple layers of technology and the defence mechanisms associated with them.
For this role you will need experience in balancing the cyber security requirements with CSIRO’s scientific business requirements, and CSIRO’s cyber security risk posture. The successful candidate will have experience across a broad range of industries and can demonstrate subject matter expertise in providing technical testing and assurance capabilities to organisations, through positive collaborative engagement with key stakeholders.
Your duties will include:
- Plan, execute, and document penetration testing engagements against internal systems, applications, and cloud environments;
- Identify, exploit, and report critical vulnerabilities using various penetration testing methodologies and tools;
- Develop and execute custom exploits and attack vectors to bypass security controls;
- Analyse vulnerabilities, assess their impact, and prioritise remediation efforts;
- Develop and deliver technical reports outlining findings, recommendations, and proof-of-concept exploits;
Location: Sydney (Lindfield), Melbourne (Clayton), Canberra (Black Mountain), Brisbane (St Lucia), Adelaide & Hobart
Salary: AU$126,313 – $148,014 per annum (Pay scale to be increased by 3.8% from 21 November 2024 : New range is AU$131,112 - $153,638 per annum)
plus 15.4% superannuation
Tenure: Indefinite
Reference: 98487
To be considered you will need:
Essential
Under CSIRO policy only those who meet all essential criteria can be appointed.
- Demonstrated 5+ years’ experience in penetration testing (enterprise networks, web applications, and phishing).
- Demonstrated experience in technical security operations
- Demonstrated experience in scoping business areas for security analysis/testing.
- Demonstrated experience in report writing, and peer review/quality assurance.
- Excellent presentation skills plus ability to talk to all levels of staff including Executive and ability to persuade and influence;
- Excellent interpersonal, collaboration, and communication skills along with the ability to apply initiative, autonomy, quality of work, and teamwork; and
- Relevant certifications in cyber security (e.g., CISSP, CISM, CRISC, SABSA, etc.).
Desirable
- OSCP (Offensive Security Certified Professional) certification
For full details about this role please review the Position Description
Eligibility
Applications for this position are open to Australian Citizens Only
Appointment to this role is subject to provision of a national police check and the ability to obtain and maintain a security clearance at the NV1 level.
Flexible working arrangements
We work flexibly at CSIRO, offering a range of options for how, when and where you work.
Diversity and inclusion
We are working hard to recruit people representing the diversity across our society, and ensure that all our people feel supported to do their best work and feel empowered to let their ideas flourish.
About CSIRO
At CSIRO Australia's national science agency, we solve the greatest challenges through innovative science and technology. We put the safety and wellbeing of our people above all else and earn trust everywhere because we only deal in facts. We collaborate widely and generously and deliver solutions with real impact.
CSIRO is committed to values-based leadership to inspire performance and unlock the potential of our people.
Join us and start creating tomorrow today!
How to apply
Please apply on-line and provide a cover letter and CV that best demonstrate your motivation and ability to meet the requirements of this role.
Applications close
Sunday 24th of November 2024, 11:00pm AEDT
Shortlisting for this role will take place as applications are received.
Please consider applying as soon as possible.
Tags: CISM CISSP Clearance Cloud CRISC Exploit Exploits Offensive security OSCP Pentesting Risk management Security analysis Security Clearance Vulnerabilities Vulnerability management
Perks/benefits: Flex hours Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.