- 12 month engagement + extensions
- Must have NV1
- Candidate must be an Australian citizen
The Role
You will play a critical part in safeguarding digital assets by conducting internal, in-depth security assessments on government networks, applications, and systems on a global scale. Working with other cyber security teams, you will simulate advanced cyber attacks to identify vulnerabilities that could be exploited by hostile entities, ensuring that our defence mechanisms are resilient and effective.
Key duties and responsibilities
- Conduct in-depth security assessments on networks, applications, and systems to identify vulnerabilities.
- Simulate advanced cyber-attacks to test the resilience of defence mechanisms.
- Perform detailed vulnerability assessments and participate in red team operations.
- Collaborate with intelligence analysts to integrate the latest threat intelligence into testing methodologies.
- Collaborate with cyber analysts to uplift the security posture of the department.
- Prepare comprehensive reports for business and senior executive, translating complex technical findings into clear, actionable recommendations.
Essential criteria
- Experience: Minimum 3 years’ experience in penetration testing, vulnerability assessment, or related fields within a government context.
- Technical Expertise: Advanced proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, and custom-developed tools. In-depth knowledge of government cyber security standards, such as the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM). Extensive knowledge of MITRE ATT&CK and similar knowledge bases.
Desirable criteria
- Scripting: Strong scripting abilities in languages such as Python, Bash, or PowerShell to develop and automate testing processes.
- Emerging Threats: Awareness of emerging security threats and vulnerabilities, and familiarity with various security testing methodologies and frameworks to assess these threats.
- Experience: Experience with cloud and container technologies like AWS, Azure, or Kubernetes will be beneficial.
- Knowledge: Extensive knowledge of OWASP Top 10, network protocols, secure communication methods, operating systems (Windows, Linux, macOS), and security for critical infrastructure.
How to apply:
Please hit the apply button now. Only suitable candidates will be contacted. Randstad actively encourages applications from Aboriginal and Torres Strait Islander people.
At Randstad Digital, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.