Penetration Tester
Brisbane, Australia
BDO in Australia
Our business is about people helping people achieve their dreams, whether you’re running a business, heading up a major corporation, or in need of advice just f
About BDO
At BDO Australia, our why is ‘empowering people, realising possibilities’. One way we bring this to life is by hiring and developing exceptional talent, to deliver on our wide array of audit, tax and advisory services.
About the Role
As a Penetration Tester, you will deliver high-quality security assessments across web applications, infrastructure, cloud environments, and critical systems such as sensitive government assets and critical infrastructure. This role is ideal for individuals with a solid foundation in penetration testing who are ready to take on more responsibility, contribute to client-facing work, and support the growth of junior team members.
As part of BDO’s Cyber Team, you will have the opportunity to work on high-impact, complex projects that grow your skills and career - backed by the trust of clients with the most critical and sensitive assets.
At BDO, we don't just hire talent, we invest in it. We are committed to your long-term growth and will support your journey with tailored training, certifications and the resources you need to grow.
Key Responsibilities:
Plan and execute penetration tests on web applications, networks, and cloud platforms.
Document technical findings and produce clear, client-ready reports with actionable remediation guidance.
Participate in client debrief sessions, explaining technical issues in a business-friendly manner.
Collaborate with engagement leads and project managers to ensure high-quality, timely delivery.
Stay current with evolving threats, attack techniques, and security trends.
Contribute to internal knowledge sharing; you may also assist in peer review or mentoring junior testers.
Support the development of tools, scripts, and automation for common testing activities.
About You
2-3 years of hands-on penetration testing experience with proficiency in tools like Burp Suite, Nmap, and Metasploit.
Strong understanding of OWASP Top 10, network protocols, and operating system security principles.
Relevant certifications and/or demonstrated success in online platforms such as, but not limited to, HackTheBox and PentesterLab.
Experience testing Active Directory, APIs, or mobile applications.
Familiarity with scripting in Python, PowerShell, or Bash for automation and basic knowledge of cloud security (AWS, Azure, or GCP).
Exposure to vulnerability management, threat modelling, or secure coding practices.
Ability to write clear and concise documentation and reports.
Why BDO?
Working for BDO, you will be part of a growing and market-leading professional services firm.
Our national and global footprint provides our people with opportunities to work on interesting client engagements, across diverse industry sectors and services.
Our open and collaborative culture ensures access to Partners and professional mentors, to guide and accelerate your professional career, across a wide array of career pathways.
We provide our people with various health and wellbeing, social, financial, and professional development benefits to help realise what’s possible.
Participate in fitness challenges or take advantage of exclusive discounts to corporate health insurance, gym memberships and wellness facilities via our BWell program. Access benefits such as travel perks, retail discounts, free breakfast, employee referral rewards, study, and professional development support.
Our leave options cater to the unique needs of our people and include enhanced family support, cultural and religious leave, and options to purchase additional leave. You can also give back and get involved in community initiatives via our BCaring program.
With a strong focus on learning and growth, we provide on-the-job training and formal development programs to help you succeed in your role and develop your skills and experience.
Our culture is underpinned by our core values (One, Bold, Human, Heart and Strive). We are proud to be recognised as an Inclusive Employer by the Diversity Council of Australia and an Employer of Choice by the Workplace Gender Equality Agency (WGEA).
Tags: Active Directory APIs Automation AWS Azure Bash Burp Suite Cloud GCP Metasploit Nmap OWASP Pentesting PowerShell Python Scripting Security assessment Vulnerability management
Perks/benefits: Career development Fitness / gym Health care Wellness