Offensive Security Specialist
Sydney, NSW, AU
Create impact as an Offensive Security Specialist.
Join the largest insurance group in Australia and New Zealand.
YOUR ROLE
As an Offensive Security Specialist, you'll be at the forefront of safeguarding our organisation's people, information, and assets through delivering innovative offensive security services. Your role involves continuously evaluating and challenging security controls to enhance our security landscape and create a safer digital environment.
Day-to-day, you'll dive into infrastructure and application penetration testing to ensure our systems meet stringent security requirements and to uncover any potential vulnerabilities. You'll also immerse yourself in scenario-based technical assessments, mirroring the tactics, techniques, and procedures of real-world threat actors, all aimed at achieving our security objectives.
Beyond assessments, you'll play a pivotal role in driving the entire technical assessment lifecycle, from planning to execution, while also contributing your expertise to shape and refine our technical assessment policies, standards, and procedures.
This is a permanent position can be based in either Australia or New Zealand.
ABOUT YOU
• Expertise in infrastructure and web application security testing methodologies and frameworks like OWASP, PTES, OSSTMM, and ISSAF.
• Familiarity with OWASP standards such as ASVS (Application Security Verification Standard) and CVSS (Common Vulnerability Scoring System), including the OWASP Testing Guide.
• Technical proficiency in web technologies such as HTML, JavaScript, Java/J2EE, ASP/.NET, PHP, Rest APIs, AngularJS, NodeJS, Bootstrap, etc.
• Proven track record in conducting vulnerability assessment and penetration testing of various platforms including Web Applications, APIs, Mobile, and Network Infrastructure, both on-premise and within cloud environments (e.g., AWS/Azure).
• Experience collaborating in SecDevOps environments or interfacing with development teams to gather security testing requirements, autonomously managing penetration tests, and providing effort estimations.
• Proficiency in working with the Kali Linux environment, as well as Android/iOS environments, including installing/troubleshooting security tools and resolving OS-related issues.
• Capability to set up insecure applications (e.g., OWASP Broken Web Applications) in testing environments to evaluate security tools for application scanning, identifying false positives, and managing remediation processes.
• Working experience in Nessus, Burp Suite Pro, ZAP Proxy, Maltego, Wireshark, SQLMAP and other widely used security tools.
• Penetration testing security certifications such as OSCP / OCSE / CRT / CCT.
Applications close on Wednesday, 08 May 2024 at 23:59pm.
ABOUT US
IAG is the largest general insurance group in Australia and New Zealand. We’re also a tech and research facility, a hub for climate change experts and a centre of resilience design. We chat over coffee with customers, advocate for them in the corridors of Parliament and back them up in the community when life’s moments hit hardest.
You’ll know our brands – NRMA Insurance, CGU, WFI, ROLLiN’, AMI, NZI, and State Insurance to name a few. Together they turn our IAG purpose of making your world safer into action by helping, supporting ambitions and making insurance accessible.
We celebrate unique viewpoints shaped by life experiences, cultures and passions. We expand careers, genuinely connect with community, lead with a powerful purpose and celebrate what makes you individual.
We’re also guided by the knowledge and voice of Aboriginal and Torres Strait Islander peoples, businesses and communities. Collaborating on Indigenous-led solutions that enable growth, develop resilience and create meaningful change.
We're passionate about social issues, walk the talk on sustainability and strive to do more than standard on things that matter, including women in senior leadership, Indigenous empowerment and creating inclusive environments. We’re proud to be an accredited family-friendly workplace and are committed to being a safe and supportive space for all our employees. We do this because we’re ready for you.
All this shows up in what we offer:
1. Grow your financial future with 13% superannuation as standard
2. Access up to 50% off personal insurance, including home and motor insurance
3. Partner discounts on every day and special occasion items
4. A certified Family Inclusive WorkplaceTM
5. 20-days paid emergency services leave a year
We’re ready for you. Apply today.
Learn more about who IAG is here.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android APIs Application security AWS Azure Burp Suite Cloud CVSS iOS Java JavaScript Kali Linux Nessus Node.js Offensive security OSCP OWASP Pentesting PHP Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs