Senior Technical Advisor - Penetration Testing

Acknowledgement of Country

CSIRO acknowledges the Traditional Owners of the land, sea and waters, of the area that we live and work on across Australia. We acknowledge their continuing connection to their culture and pay our respects to their Elders past and present. View our vision towards reconciliation

Child safety

CSIRO is committed to the safety and wellbeing of all children and young people involved in our activities and programs. View our Child Safe Policy.

The opportunity

• Supportive and truly inclusive environment
• Innovative and rewarding workplace with fantastic flexibility 
• Enhance your career with Australia's premier research organisation

CSIRO's Cyber Security Resilience team plays a critical role in protecting CSIRO’s information assets and enabling the achievement of Australia’s scientific and research objectives. Our team provides expertise in cyber assurance & advisory, cyber architecture & engineering, third-party cyber risk management, vulnerability management, and penetration testing.

We are seeking a Senior Technical Advisor (Penetration Tester) to lead comprehensive penetration testing engagements across our network infrastructure, applications, and cloud environments. In this role, you will utilise your deep knowledge of security best practices and advanced exploitation techniques to uncover vulnerabilities and assess the defense mechanisms of various technologies. 

The successful candidate will have experience across a broad range of industries and can demonstrate subject matter expertise in providing technical testing and assurance capabilities to organisations, through positive collaborative engagement with key stakeholders.

Your duties will include:

• Plan, execute, and document penetration testing engagements against internal systems, applications, and cloud environments.
• Identify, exploit, and report critical vulnerabilities using various penetration testing methodologies and tools.
• Develop and execute custom exploits and attack vectors to bypass security controls.
• Analyse vulnerabilities, assess their impact, and prioritise remediation efforts.
• Develop and deliver technical reports outlining findings, recommendations, and proof-of-concept exploits.

Location: Sydney (Lindfield), Melbourne (Clayton), Canberra (Black Mountain), Brisbane (St Lucia), Adelaide & Hobart

Salary: Negotiable 

Tenure: Indefinite

Reference: 98487

To be considered you will need:

• Demonstrated 5+ years’ experience in penetration testing (enterprise networks, web applications, and phishing).
• Demonstrated experience in technical security operations.
• Demonstrated experience in scoping business areas for security analysis/testing.
• Demonstrated experience in report writing, and peer review/quality assurance.
• Excellent presentation skills plus ability to talk to all levels of staff including Executive and ability to persuade and influence.
• Excellent interpersonal, collaboration, and communication skills along with the ability to apply initiative, autonomy, quality of work, and teamwork; and

Desirable: 

• OSCP (Offensive Security Certified Professional) certification. 
• Experience in providing mentoring to cyber security staff.
• Experience in contributing to the development of security-supporting policies, procedures, standards and guidelines.

For full details about this role please review the Position Description

Eligibility

Applications for this position are open to Australian Citizens Only

Appointment to this role is subject to provision of a national police check and the ability to obtain and maintain a security clearance at the NV1 level.

Flexible working arrangements

We work flexibly at CSIRO, offering a range of options for how, when and where you work. 

Diversity and inclusion

We are working hard to recruit people representing the diversity across our society, and ensure that all our people feel supported to do their best work and feel empowered to let their ideas flourish. 

About CSIRO

At CSIRO Australia's national science agency, we solve the greatest challenges through innovative science and technology. We put the safety and wellbeing of our people above all else and earn trust everywhere because we only deal in facts. We collaborate widely and generously and deliver solutions with real impact. 

CSIRO is committed to values-based leadership to inspire performance and unlock the potential of our people.

Join us and start creating tomorrow today!

How to apply

Please apply on-line and provide a cover letter and CV that best demonstrate your motivation and ability to meet the requirements of this role.

Applications close

16 February 2025, 11:00pm AEDT