Senior/ Middle Security Engineer (Pen Tester)

ABOUT THE JOB

• Bring your ideas, ambitions, and passions both in and outside of work
• Be rewarded and recognised for the value you bring
• You’ll be supported to manage your career, work and life

It’s more than a career at NAB. It’s about more opportunity, more moments to make a difference and more focus on you.

Your job is just one part of your life. When you bring your ideas, energy, and hunger for growth to us, you’ll be recognised and rewarded for your contribution in return. You’ll have our support to excel for our customers, deliver positive change for our communities and grow your career.

It’s a good time to see what more you can find at NAB as an Offensive Security Engineer (Pen Tester).

JOB RESPONSIBILITIES

1. Working with a diverse range of colleagues to define security testing activities (scope) across target applications and infrastructure
2. Continuous improvement and best practices to promote continuous improvement of penetration testing methodologies and processes
3. Delivery of technical reports and documentation
4. Communication of security vulnerabilities and exposures to internal stakeholders
5. Perform penetration testing and vulnerability assessments, including the triage of findings to determine key exposures. Expanding upon this responsibility, you will also be required to perform:

• Tests against various technical assets (applications, networks), as expanded upon below
• Physical Security Assessments
• Security Audits
• Analyse Security Policies
• Write Security Assessment Reports

EXPERIENCE & QUALIFICATIONS

Must have

1. Extensive experience as a penetration tester or security analyst, with experience in large organizations.
2. Extensive experience penetration testing various assets, including but not limited to; web applications, mobile applications, networks/infrastructure, and cloud services. You should highlight any key strengths across these disciplines.
3. A clear understanding of both manual and automated penetration testing techniques, including knowledge of common penetration testing tools and the impacts they have on systems.
4. Fluent understanding of cloud technologies (AWS, Azure), Linux and Windows OSes, and mobile technologies
5. A comprehensive understanding of Penetration Testing frameworks and methodologies (OWASP, OSSTTMM, WAHH).
6. Advanced problem-solving skills
7. Excellent written and verbal communication skills – with experience writing and conveying complex penetration testing findings and their associated risks through reports to stakeholders; findings writeups, or verbal discussions.
8. Ability to attend to the detail on multiple concurrent tasks while meeting various deadlines.
9. Industry certifications such as OSCP, CREST (CRT, CCT), or equivalent are highly desired
10. Training on self-development platforms (i.e. HackTheBox, Pentesterlabs, wechall, etc.)

Nice-to-have

1. Experience working in large enterprise organizations e.g. banking
2. Exposure to Microservices, Web, and Cloud technologies
3. Degree in Computer Science, Information System, or similar

THE BENEFITS AND PERKS

1. Very competitive remuneration package
2. Generous private family healthcare for yourself and your family members
3. A solid team behind you - great people who love what they do
4. The pleasant, enthusiastic, international work environment
5. Opportunity for traveling & training in Australia
6. Brand new & state of the art Agile offices
7. Latest technologies, flexible working hours
8. A promising training and career path
9. Fun team activities & outing
10. English learning with native English teachers

If this excites you, let's have a chat over a cup of coffee!