This is an opportunity for an experienced Penetration Tester to work for a Federal Government agency.
You will be responsible for identifying vulnerabilities in systems and providing proof of concepts for exploitation that demonstrates impact to the business.
The role’s responsibilities will include but are not limited to:
• Web application and mobile penetration testing against complex enterprise platforms built with a variety of technologies including, but not limited to, Java, NodeJS, Angular, SAP, IBM WebSphere, OpenShift and Active Directory.
• Infrastructure penetration testing against enterprise grade systems hosted on both Windows and Linux based platforms.
• Development of penetration testing reports detailing any vulnerabilities, priority ratings, recommended treatments, and an executive summary detailing business impacts and systemic recommendations.
• Working with system owners to develop a test scope, prepare for testing and ensure remediation has been completed effectively.
• Working collaboratively with your team and clients to continuously grow and share knowledge and improve team processes.
• Mentoring and skill development of junior penetration testers.
Your Background and Experience
Salary / Rate
How To Apply
Hourly rate negotiable
To apply online, please click on the appropriate link. If you have already filled out our Candidate Registration Form for another role previously, please contact us on firstname.lastname@example.org.
Alternatively, for a confidential discussion, please contact Anthony Mora on 0407 526 656 or email@example.com
Xaana ARIMA is committed to building a diverse and inclusive workforce and we encourage applications from people of all cultures, capabilities and backgrounds.
The ideal candidate will have demonstrated experience in:
• Delivering a wide range of security assurance services, including but not limited to web application penetration tests, network and infrastructure penetration tests.
• Knowledge of OWASP top 10 vulnerabilities and PTES methodology is desired but not required.
• Perform scanning using commercial tools and other custom scripts/tools as required to identify issues/vulnerabilities.
• Perform manual verification of scan results where required and provide exploit proof of concept for potential vulnerabilities.
• Preparing high quality reports detailing security issues, recommendations for treatments, and identifying solutions.
• High level of communication skills.
• Continuously looking to grow and develop your technical and professional skills with a proven track record of self-initiated learning and involvement in the pen testing community is highly regarded.