Penetration Tester

As a member of the Triskele Labs Penetration Testing team, you will have a sound knowledge of the Information Securityindustry, in particular Penetration Testing practices. Penetration Testers conduct Penetration Testing of client assets, networks, applications, and infrastructure, to identify vulnerabilities and security flaws within the scope of an engagement. The Penetration Tester will then detail any such issues once identified within a detailed report, accurately identifying and describing their potential impact and technical complexity in tandem with recommendations to mitigate the issue.

The Penetration Tester will conduct Penetration Tests of the following types:

• Web Applications
• Mobile Applications
• External Infrastructure
• Internal Infrastructure

You will fluently operate software to conduct the above penetration testing activities, including but not limiting to:

• Web application proxy (i.e. BurpSuite)
• Scanners, such as Nessus, web application scanners and open source tools
• Directory brute forcing tools
• Encryption configuration verification
• Response header identification
• Tools specific to a web technology, i.e. ASP.NET, PHP, Java, etc

You will maintain and respond to all client communications in a timely fashion during an engagement, including answering standard and basic questions, taking phone calls, sending daily start and end emails, and more. In addition, you will review peer reports for engagements and provide succinct, considered feedback to improve the quality of the report and ensure the report is completed to the expected quality standard prior to passing the report to the Penetration Testing Team Lead for final review.

Requirements

Triskele Labs provide bespoke services to our clients, which makes us unique. We are not only looking for technical brilliant Penetration Testers, but also those with excellent soft skills. Aside from these technical skills, you will posses:

• OSCP Mandatory
• OSWE preferable
• CREST Registered Tester (CRT) preferable
• Demonstrated experience as a Penetration Tester, in particular focusing on Web Applications
• Excellent English Skills
• Ability to work with clients during testing

Benefits

Team culture is everything to Triskele Labs and it is the reason we exist. Our founder set out to create a cybersecurity company that is a place our team love to work. While we focus this culture on the team in Australia, the pivot to remote working has ensured that we provide this for all team members, on-site or remote. We will continue to strive for excellence with our inclusive team culture through initiatives developed by our People and Culture team. In addition, we provide:

• Annual Training Budget and Paid Training Leave
• Paid Secondary Care Giver Leave (up to 12 weeks post 12 months of service)
• Additional days of leave - 'Birthday Leave' and 'Doona Day'
• Continual Learning Scenarios through team knowledge sharing
• Access to Employee Assistance Program (EAP) for all team members
• Social functions organised by our People & Culture Team
• Choice of laptop when starting (up to $5k machine)
• Above Market Salary
• Monthly "Hack Day"
• Keep your personally developed tools should you leave
• Keep any bounties you receive through submissions during an engagement

We are a forward thinking company and always looking for ways to boost our team culture and ensure we are a destination employer.