Penetration Tester
$100 - $150 / Hourly Rate + Super
Canberra, City
12-month contract (2 x 12-month extensions)
Start date 5th August, 24
About the role
DFP Recruitment are working with a Large Federal Government department to source an experienced technical cyber security resource with a background in either using or performing analysis on software vulnerabilities to assist with the workload with HOT CHIPs. The right candidate may have worked as a penetration tester or SOC analyst and will have experience assessing the likely impact of software vulnerabilities including tasks such assessing and running up proof of concept exploitation code, conducting open-source research to identify and assess emerging vulnerabilities and working to identify systems susceptible to particular software vulnerabilities. Experience in analysing vulnerabilities in ICS/OT devices is highly desirable .
There is an expectation that successful candidates will work 5 days per week (estimated 40-hour week). On boarding is in Canberra, but some remote work from other locations may be possible subject to cultural fit.
Responsibilities
Maintaining visibility on new and important vulnerabilities that become known in open source.
Investigating those vulnerabilities to determine the risk they pose to government the Australian economy.
Liaising and working with other CHIPs colleagues to determine the threat posed by particular vulnerabilities to the Australian economy.
Informing determinations about alerting and targeted communications.
Knowledge and Experience
The technical mechanisms of different software vulnerabilities,
Different classes of vulnerabilities including – RCE, LPE.
Different vulnerability mechanisms including – Deserialization, path traversal, authentication bypass.
General technical cyber security skills including potentially skills from either an offensive or defensive perspective.
Possess skills in monitoring open-source vulnerability information.
Have experience triaging vulnerabilities against an enterprise, particularly for internet facing systems.
Be comfortable assessing new vulnerabilities at a time when reliable information is hard to come by.
Have experience working with a team to deliver time critical outcomes.
Essential criteria
Experience using and/or analysing software vulnerabilities (particularly remote vulnerabilities).
Experience building software (scripts etc) to detect and verify software vulnerabilities.
Experience in vulnerability management/vulnerability triage.
Experience analysing and searching open-source reporting for timely vulnerability information.
Desirable criteria
General technical cyber security skills.
Understanding of ICS/OT devices and potential vulnerabilities
Eligibility
Australian Citizenship and Baseline Clearance
Applications close 14th June, 24
If you feel you are a suitable candidate submit your application by hitting 'Apply for this job'. Alternatively, contact Mishael Solomon on 02 6162 7317 or email via ****** for further discussion.
Applicants new to DFP may be asked to provide additional information including work rights status via a survey link – if requested, we ask that you provide this information in order to expedite your application.
DFP welcomes applications from Aboriginal and Torres Strait Islander people, people with diverse cultural and linguistic backgrounds and people with disability. In addition, DFP will provide reasonable adjustments for individuals with disability throughout the recruitment process. If you identify as a person with disability and require adjustments to the application, recruitment, selection and/or assessment process, please advise via ****** or1300 337 000and indicate your preferred method of communication (email, phone, text) so we can keep in touch and meet your accessibility needs.
By clicking 'apply', you give consent that DFP may use your personal information to process your job application and to contact you for future employment opportunities. For further information on how DFP process your personal information please review the DFP Information Collection and Privacy Policy via https://www.dfp.com.au/about-us/policies .Do not submit any sensitive personal information in your resume.
#J-18808-Ljbffr
