Penetration Tester
Australia - Remote
Applications have closed
Triskele Labs
At Triskele Labs, we work with you to understand your risks, goals, challenges and culture to develop Cyber Security solutions tailored to your business.As a member of the Triskele Labs Penetration Testing team, you will have a sound knowledge of the Information Securityindustry, in particular Penetration Testing practices. Penetration Testers conduct Penetration Testing of client assets, networks, applications, and infrastructure, to identify vulnerabilities and security flaws within the scope of an engagement. The Penetration Tester will then detail any such issues once identified within a detailed report, accurately identifying and describing their potential impact and technical complexity in tandem with recommendations to mitigate the issue.
The Penetration Tester will conduct Penetration Tests of the following types:
- Web Applications
- Mobile Applications
- External Infrastructure
- Internal Infrastructure
You will fluently operate software to conduct the above penetration testing activities, including but not limiting to:
- Web application proxy (i.e. BurpSuite)
- Scanners, such as Nessus, web application scanners and open source tools
- Directory brute forcing tools
- Encryption configuration verification
- Response header identification
- Tools specific to a web technology, i.e. ASP.NET, PHP, Java, etc
You will maintain and respond to all client communications in a timely fashion during an engagement, including answering standard and basic questions, taking phone calls, sending daily start and end emails, and more. In addition, you will review peer reports for engagements and provide succinct, considered feedback to improve the quality of the report and ensure the report is completed to the expected quality standard prior to passing the report to the Penetration Testing Team Lead for final review.
Requirements
Triskele Labs provide bespoke services to our clients, which makes us unique. We are not only looking for technical brilliant Penetration Testers, but also those with excellent soft skills. Aside from these technical skills, you will posses:
- OSCP Mandatory
- OSWE preferable
- CREST Registered Tester (CRT) preferable
- Demonstrated experience as a Penetration Tester, in particular focusing on Web Applications
- Excellent English Skills
- Ability to work with clients during testing
Benefits
Team culture is everything to Triskele Labs and it is the reason we exist. Our founder set out to create a cybersecurity company that is a place our team love to work. While we focus this culture on the team in Australia, the pivot to remote working has ensured that we provide this for all team members, on-site or remote. We will continue to strive for excellence with our inclusive team culture through initiatives developed by our People and Culture team. In addition, we provide:
- Annual Training Budget and Paid Training Leave
- Paid Secondary Care Giver Leave (up to 12 weeks post 12 months of service)
- Additional days of leave - 'Birthday Leave' and 'Doona Day'
- Continual Learning Scenarios through team knowledge sharing
- Access to Employee Assistance Program (EAP) for all team members
- Social functions organised by our People & Culture Team
- Choice of laptop when starting (up to $5k machine)
- Above Market Salary
- Monthly "Hack Day"
- Keep your personally developed tools should you leave
- Keep any bounties you receive through submissions during an engagement
We are a forward thinking company and always looking for ways to boost our team culture and ensure we are a destination employer.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ASP.NET Burp Suite CREST Encryption Java Nessus Open Source OSCP OSWE Pentesting PHP Vulnerabilities
Perks/benefits: Career development Gear
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs