Create impact as an Offensive Security Specialist.

Join the largest insurance group in Australia and New Zealand.

YOUR ROLE

As an Offensive Security Specialist, you'll be at the forefront of safeguarding our organisation's people, information, and assets through delivering innovative Offensive Security services. Your role involves continuously evaluating and challenging security controls to enhance our security landscape and create a safer digital environment.

Day-to-day, you'll dive into infrastructure and application penetration testing to ensure our systems meet stringent security requirements and to uncover any potential vulnerabilities. You'll also immerse yourself in scenario-based technical assessments, mirroring the tactics, techniques, and procedures of real-world threat actors, all aimed at achieving our security objectives.

Beyond assessments, you'll play a pivotal role in driving the entire technical assessment lifecycle, from planning to execution, while also contributing your expertise to shape and refine our technical assessment policies, standards, and procedures.

This is a permanent position that can be based in either Australia or New Zealand.

ABOUT YOU
- Expertise in infrastructure and web application security testing methodologies and frameworks like OWASP, PTES, OSSTMM, and ISSAF.
- Familiarity with OWASP standards such as ASVS (Application Security Verification Standard) and CVSS (Common Vulnerability Scoring System), including the OWASP Testing Guide.
- Technical proficiency in web technologies such as HTML, JavaScript, Java/J2EE, ASP/.NET, PHP, REST APIs, AngularJS, NodeJS, Bootstrap, etc.
- Proven track record in conducting vulnerability assessment and penetration testing of various platforms including Web Applications, APIs, Mobile, and Network Infrastructure, both on-premise and within cloud environments (e.g., AWS/Azure).
- Experience collaborating in SecDevOps environments or interfacing with development teams to gather security testing requirements, autonomously managing penetration tests, and providing effort estimations.
- Proficiency in working with the Kali Linux environment, as well as Android/iOS environments, including installing/troubleshooting security tools and resolving OS-related issues.
- Capability to set up insecure applications (e.g., OWASP Broken Web Applications) in testing environments to evaluate security tools for application scanning, identifying false positives, and managing remediation processes.
- Working experience in Nessus, Burp Suite Pro, ZAP Proxy, Maltego, Wireshark, SQLMAP and other widely used security tools.
- Penetration testing security certifications such as OSCP / OCSE / CRT / CCT.
2. Access up to 50% off personal insurance, including home and motor insurance
3. Partner discounts on everyday and special occasion items
4. A certified Family Inclusive Workplace™
5. 20 days of paid emergency services leave a year

We're ready for you. Apply today.