Hudson is working with a high profile Federal Government client seeking a Vulnerability specialist to assist in understanding and hardening their internet facing attack surface by looking for and reporting on issues such as critical vulnerabilities, open ports and services, encryption and email security configurations and other significant internet facing cyber hygiene issues.The ideal candidate will have an experienced Cyber Security background in either using or performing analysis on software vulnerabilities and have previously worked as a penetration tester or SOC analyst, and will have experience assessing the likely impact of software vulnerabilities including tasks including running up proof of concept exploitation code, conducting open source research to identify and assess emerging vulnerabilities and working to identify systems susceptible to particular software vulnerabilities. Experience in analysing vulnerabilities in ICS/OT devices is highly desirable.Responsibilities include:
- Maintaining visibility on new and important vulnerabilities that become known in open source
- Investigating those vulnerabilities to determine the risk they pose to the client
- Liaising and working with colleagues to determine the threat posed by particular vulnerabilities
- Informing determinations about alerting and targeted communications.
- The technical mechanisms of different software vulnerabilities
- Different classes of vulnerabilities including - RCE, LPE.
- Different vulnerability mechanisms including - Deserialisation, path traversal, authentication bypass.
- General technical Cyber Security skills including potentially skills from either an offensive or defensive perspective.
- Possess skills in monitoring open-source vulnerability information.
- Have experience triaging vulnerabilities against an enterprise, particularly for internet facing systems.
- Be comfortable assessing new vulnerabilities at a time when reliable information is hard to come by.
- Have experience working with a team to deliver time critical outcomes.
- Canberra based
- Australian Citizen with an active Security Clearance
- Initial 12-month contract starting 1st July 2024 with up to 2x12 month extensions