Penetration Tester

MTP Services

Exciting opportunity for an experienced Cyber Security Penetration Tester to join a Federal Government client on a long-term contract

Penetration testers perform security testing for all external-facing applications, websites and/or portals prior to system release to attempt to identify vulnerabilities within the codebase, system configurations, and architecture in order to assist the department to prevent security breaches.

To perform the duties of a Penetration Tester they will require demonstrated experience in:
  • Web application penetration techniques
  • Mobile penetration testing techniques
  • Infrastructure penetration techniques
  • Product security assessments
  • Industry-standard methodologies such as OWASP and PTES
Penetration tester as a minimum should be able to:
  • Perform scanning and identification of issues/vulnerabilities using commercial tools and other custom scripts/tools as required
  • Perform manual verification of scan results where required, prove potential vulnerabilities to exploitable vulnerabilities
Mandatory Criteria
  • Experience conducting web application penetration testing against complex enterprise platforms built with a variety of technologies including Java, NodeJS, Angular and SAP.
  • Experience in the development of penetration testing reports detailing vulnerabilities found, priority ratings, recommended treatments, and an executive summary detailing business risk along with systemic recommendations.
  • Demonstration of practical skills in a live assessment conducted on-site.
Ideal Candidate
  • Working with system owners to develop a test scope, prepare for testing and ensure remediation has been completed effectively
  • Experience conducting mobile penetration tests
  • Infrastructure penetration testing against enterprise-grade, infrastructure hosted on both Windows and Linux based platforms
  • Experience working as part of a team on large scale engagements
  • Product security assessments, combining penetration testing techniques with reverse engineering and exploit development
  • 5 years’ experience conducting web application and infrastructure penetration tests
Candidates must have current NV1 Clearance

For further information, please contact Haani Hussain from MTP Services on 0416 804 514, or via email at haani.hussain@mtpservices.com.au