ANZ Banking Group Limited ANZ offers a range of personal banking services such as internet banking, bank accounts, credit cards, home loans, personal loans, travel and international, investment and insurance. Learn about easy and secure ways to manage your money. View company page
At ANZ, we're applying new ways technology and data can be harnessed as we work towards a common goal: to improve the financial wellbeing and sustainability of our millions of customers.
Our community of over 5,000 engineers is key to making this happen, because technology underpins every part of our business - from delivering tools, apps and services for our customers, to building a bank for the future.
About the Role
As a Engineerin ourPenetration Testing Squadyou'll play a key role in helping to is to keep ANZ safe through the active identification of cyber security threat within the systems and/or services that are used or the applications that are developed.. This role consists of senior software engineering roles that drive the right engineering practices, standards and engineering ways of working within a squad or group of squads.
Banking is changing and we're changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ, you'll be building your future, while helping to build ours.
What will your day look like?As anEngineerinPenetration Testing squad,drive ANZ's information security efforts by providing Subject Matter Expertise in delivering security and penetration testing activities of applications and systems across the enterprise. In addition, this role will also assist in automation and integration of application security toolset within the enterprise CI/CD pipeline to enable DevSecOps and to maintain the application security toolset and the platform.
What will you bring?
To grow and be successful in this role, you will ideally bring the following:
Must Have:
• Proven experience in performing penetration testing of various application types including web, web services, APIs, mobile and thick client.
• Demonstrable proficiency of penetration testing in cloud (GCP, AWS) and container (Docker, Kubernetes & OpenShift) space
• Strong understanding of threats, vulnerabilities, risks, exploits and associated security testing needed
• Hands-on experience in all the phases of penetration testing activity including scoping, testing, providing remediation guidance, reporting and quality review
• Experience in running through multiple exploitation scenarios as part of penetration testing activity
• Experience in the execution of security testing using automated tools (dynamic application security testing tools) and manual techniques
• Knowledge of APIs and integration patterns offered by the application security toolsets and its usage to facilitate integration and automation
• Delivery of penetration testing activity as part of an agile delivery model and to support DevSecOps
• Strong communication, presentation, and stakeholder management skills
• Excellent consulting skills with the ability to communicate clearly to developers and senior management at the expected level
• A desire to continuously learn new techniques / technologies and bring innovative ideas into the squad
• Lead penetration testing activity and ability to motivate, mentor individuals within the team and show genuine interest in their career development
• Experience in facilitating DevSecOps and integrating application security toolsets within CI/CD pipeline at an enterprise level including DAST, SAST, SCA
• Maintain application security toolsets deployed enterprise wide including upgrade of toolset and platforms, maintaining the database used by these toolsets
• Security Penetration Testing qualification such as GPEN, OSCP are advantage but not mandatory
• Familiar with collaboration tools such as Atlassian.
We know not everyone will bring all of the skills and experience, and at ANZ we are focused on people bringing a growth mindset to their approach to work. Some of the skills we are looking for are below, but don't worry if you don't have all of these as learning on the job is the way we work.
So why join us?From the moment you join ANZ, you'll be doing meaningful work that will shape a world where people and communities thrive.
But it's not just our customers who'll feel your impact. you'll feel it too. Because at ANZ, you'll have the resources, opportunities, and support you need to take the next big step in your career.
We're a diverse bunch at ANZ in different roles, different locations, doing different things. That's why we have a range of flexible working arrangements, so our people can 'make work, work for them'. We also provide a range of benefits including access to health and wellbeing services and discounts on selected products and services from ANZ and more.
At ANZ, you'll be part of an organisation where the different backgrounds, perspectives and life experiences of our people are celebrated. That's because We're committed to building a workplace that reflects the diversity of the communities we serve. We welcome applications from everyone and encourage you to talk to us about any adjustments you may require to our recruitment process or the role itself. If you are a candidate with a disability or access requirement, let us know how we can provide you with additional support.
To find out more about working at ANZ, visit . You can apply for this role by visiting ANZ Careers and searching for reference number 68622
Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
