Description:

We are seeking motivated Senior Pen Tester (Security) to be part of a team that evaluates a wide range of NAB group products and services – to identify security weaknesses and exposures that pose a risk to the enterprise, and work with teams to understand their risk and path to remediation.

What will you be responsible for?

1. Working with a diverse range of colleagues to define security testing activities (scope) across target applications and infrastructure
2. Continuous improvement and best practices to promote continuous improvement of penetration testing methodologies and processes
3. Delivery of technical reports and documentation
4. Communication of security vulnerabilities and exposures to internal stakeholders
5. Perform penetration testing and vulnerability assessments, including the triage of findings to determine key exposures. Expanding upon this responsibility, you will also be required to perform:

• • Tests against various technical assets (applications, networks), as expanded upon below
  • Physical Security Assessments
  • Security Audits
  • Analyse Security Policies
  • Write Security Assessment Reports

Your Skills and Experience

Must have

1. Extensive experience as a penetration tester or security analyst, with experience in large organisations.
2. Extensive experience penetration testing various assets, including but not limited to; web applications, mobile applications, networks/infrastructure, and cloud services. You should highlight any key strengths across these disciplines.
3. A clear understanding of both manual and automated penetration testing techniques, including knowledge of common penetration testing tools and the impacts they have on systems.
4. Fluent understanding of cloud technologies (AWS, Azure), Linux and Windows OSes, and mobile technologies
5. A comprehensive understanding of Penetration Testing frameworks and methodologies (OWASP, OSSTTMM, WAHH).
6. Advanced problem-solving skills
7. Excellent written and verbal communication skills – with experience writing and conveying complex penetration testing findings and their associated risks through reports to stakeholders; findings writeups, or verbal discussions.
8. Ability to attend to the detail on multiple concurrent tasks while meeting various deadlines.
9. Industry certifications such as OSCP, CREST (CRT, CCT), or equivalent are highly desired
10. Training on self-development platforms (i.e. HackTheBox, Pentesterlabs, wechall, etc.)

Nice-to-have

1. Experience working in large enterprise organisations e.g. banking
2. Exposure to Microservices, Web and Cloud technologies
3. Degree in Computer Science, Information System or similar

CLOUD FIRST

NAB is undergoing an exciting "Cloud First" technology transformation by taking advantage of the latest tools and techniques used by leading technology and digital companies globally. But it’s not just about the Tech, we are also investing heavily in our people, so if you have an appetite to learn, grow and elevate others around you, this is the place for you!

IT'S MORE THAN MONEY!

We naturally also provide a very competitive remuneration package but a career with us is about a lot more than money. We believe in people with ideas and dreams, and we want you to achieve your aspirations. We'll work together to deliver exceptional products and outcomes that push the limits of our own aspirations. Our passion for creating value and exceeding our customers' expectations means we're constantly striving to redefine our standards of excellence. You'll have our backing to develop and our encouragement to explore, realize and reach your full potential.

If this excites you, let's have a chat over a cup of coffee