Senior Penetration Tester
Macquarie Park, Australia
Singtel
The Singtel Group, Asia's leading communications group provides a diverse range of services including fixed, mobile, data, internet, TV, infocomms technology (ICT) and digital solutions.It starts with YES!
At Optus, we have an ambitious goal to be Australia’s most loved everyday brand.
Optus’ Cybersecurity division is a team of highly motivated professionals who seek to be on the forefront of security trends and technologies. As part of this growing team, you will play a crucial role in driving the business’ security strategy across a diverse range of systems and products within the Optus and Singtel groups. Our teams work with a broad range of technologies and business partners, with exposure to international trends, partners and security tools.
Your day in the life of a Senior Penetration Tester at Optus
- Undertaking penetration tests of Optus’ web applications, mobile applications, infrastructure, networks, Wi-Fi, and cloud applications, using a combination of manual and automated tools.
- Identifying security weaknesses and exploring impacts through exploitation.
- Documentation and presentation of results and providing effective remediation recommendations.
- Assist in security issue response in coordination with other teams across the company or externally, as required.
- Maintaining up-to-date industry knowledge of advancements in hardware and software technologies and their potential security implications.
- Develop solutions and testing approaches to problems for situations for which information is incomplete or for which no precedent exists.
- Problem-solving for issues and situations which arise prior to and as a result of penetration tests.
- Enforce relevant Information Security policies, standards, and operating procedures as required.
- Consultation with teams both internal and external to Cybersecurity and management of relevant organisational business partners.
- Consult with Security teams and business partners around penetration testing projects
- Assist in the scheduling and prioritization of penetration tests and any issues to be remediated as a result of these tests.
Your skills to pay the bills
- CREST, OSCP, or equivalent certification.
- Qualifications in Computer Science, Information Technology or equivalent (or compensating experience).
- 4+ years in penetration testing across several of the following disciplines: web applications, mobile applications, infrastructure, networks, Wi-Fi, and cloud security.
- Proven sophisticated knowledge of penetration testing. A solid understanding of information security governance, risk, and compliance.
- Versatile knowledge of web applications; standard internet protocols, and web technologies.
- Experience with common application security threats, such as SQL injection, Cross Site scripting etc.
- Sophisticated understanding and experience with tools such as Nessus, nmap, Microfocus Fortify Static Code Analyser, ZAP, Metasploit, Burp Suite, etc.
- Complete knowledge of the OWASP and MITRE ATT&CK frameworks.
- Previous exposure and understanding of obfuscation and evasion techniques.
- Sophisticated knowledge of information security principles and practices, understanding of security protocols and defence in depth.
- Demonstrable ability to conduct research into security issues and products as required.
- Demonstrated abilities to present findings to technical and non-technical team and executives.
- Excellent written and verbal communication skills, including technical writing and organizational skills; must be comfortable working in a fast-paced and evolving environment.
- Experience with telco technologies (optional)
Perks we love at Optus
- 3 days in the office, 2 days remote – with flexible hours to suit!
- Inclusive paid parental leave, up to 14 weeks for the primary care giver
- All Optus employees have access to resources, webinars and support via the ‘Parents at Work portal’
- Own your own growth by accessing an extensive online and facilitator led learning catalogue – even earn a MBA micro-credential via OptusU (University)
- Connect at work through one of our employee-led volunteer groups: Culture Connect, Elevate Women, Disability Network, Express Yourself (LGBTQIA+), United Veterans and Yarn Network
- Vibrant campus life, variety of facilities including restaurants, cafes, gymnasium, GP, and post office
- Two easy travel options to Sydney Campus: Optus bus from Sydney CBD (20min travel time) and Macquarie University Metro Station (every 6-8 minutes); morning and afternoon!
Keen to see what it’s really like to work at Optus? Search #OptusLife on LinkedIn to go behind the scenes!
At Optus, we are strengthened by others and that means valuing diversity and saying ‘yes’ to embracing individual differences. We are committed to ensuring that our application process provides an equal employment opportunity to all job seekers, including individuals from diverse gender, cultural and linguistic backgrounds, individuals with a disability, individuals identifying as being part of the LGBTQIA+ community, individuals who may have served in the armed forces or who identify as Aboriginal and/or Torres Strait Islander. If you require any adjustments or accessibility support to participate fairly and equitably in the recruitment process, please email AccessibleRecruitment@optus.com.au along with your preferred method of contact and we will be in touch.
For more information on Diversity, Inclusion & Belonging at Optus, please visit https://www.optus.com.au/about/inclusion-diversity.
#LI-DD1
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Burp Suite Cloud Compliance Computer Science CREST Governance Metasploit MITRE ATT&CK Nessus Nmap OSCP OWASP Pentesting Scripting Security strategy SQL SQL injection Strategy
Perks/benefits: Career development Flex hours Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs