Job description
Penetration Tester
DFP Recruitment are working with a Large Federal Government department to source an experienced technical cyber security resource with a background in either using or performing analysis on software vulnerabilities to assist with the workload with HOT CHIPs. The right candidate may have worked as a penetration tester or SOC analyst and will have experience assessing the likely impact of software vulnerabilities including tasks such assessing and running up proof of concept exploitation code, conducting open-source research to identify and assess emerging vulnerabilities and working to identify systems susceptible to particular software vulnerabilities. Experience in analysing vulnerabilities in ICS/OT devices is highly desirable.
There is an expectation that successful candidates will work 5 days per week (estimated 40-hour week). On boarding is in Canberra, but some remote work from other locations may be possible subject to cultural fit.
Responsibilities
Applicants new to DFP may be asked to provide additional information including work rights status via a survey link – if requested, we ask that you provide this information in order to expedite your application.
DFP welcomes applications from Aboriginal and Torres Strait Islander people, people with diverse cultural and linguistic backgrounds and people with disability. In addition, DFP will provide reasonable adjustments for individuals with disability throughout the recruitment process. If you identify as a person with disability and require adjustments to the application, recruitment, selection and/or assessment process, please advise via adjustments@dfp.com.au or 1300 337 000 and indicate your preferred method of communication (email, phone, text) so we can keep in touch and meet your accessibility needs.
By clicking 'apply', you give consent that DFP may use your personal information to process your job application and to contact you for future employment opportunities. For further information on how DFP process your personal information please review the DFP Information Collection and Privacy Policy via https://www.dfp.com.au/about-us/policies. Do not submit any sensitive personal information in your resume.
- $100 - $150 / Hourly Rate + Super
- Canberra, City
- 12-month contract (2 x 12-month extensions)
- Start date 5th August, 24
DFP Recruitment are working with a Large Federal Government department to source an experienced technical cyber security resource with a background in either using or performing analysis on software vulnerabilities to assist with the workload with HOT CHIPs. The right candidate may have worked as a penetration tester or SOC analyst and will have experience assessing the likely impact of software vulnerabilities including tasks such assessing and running up proof of concept exploitation code, conducting open-source research to identify and assess emerging vulnerabilities and working to identify systems susceptible to particular software vulnerabilities. Experience in analysing vulnerabilities in ICS/OT devices is highly desirable.
There is an expectation that successful candidates will work 5 days per week (estimated 40-hour week). On boarding is in Canberra, but some remote work from other locations may be possible subject to cultural fit.
Responsibilities
- Maintaining visibility on new and important vulnerabilities that become known in open source.
- Investigating those vulnerabilities to determine the risk they pose to government the Australian economy.
- Liaising and working with other CHIPs colleagues to determine the threat posed by particular vulnerabilities to the Australian economy.
- Informing determinations about alerting and targeted communications.
- The technical mechanisms of different software vulnerabilities,
- Different classes of vulnerabilities including – RCE, LPE.
- Different vulnerability mechanisms including – Deserialization, path traversal, authentication bypass.
- General technical cyber security skills including potentially skills from either an offensive or defensive perspective.
- Possess skills in monitoring open-source vulnerability information.
- Have experience triaging vulnerabilities against an enterprise, particularly for internet facing systems.
- Be comfortable assessing new vulnerabilities at a time when reliable information is hard to come by.
- Have experience working with a team to deliver time critical outcomes.
- Experience using and/or analysing software vulnerabilities (particularly remote vulnerabilities).
- Experience building software (scripts etc) to detect and verify software vulnerabilities.
- Experience in vulnerability management/vulnerability triage.
- Experience analysing and searching open-source reporting for timely vulnerability information.
- General technical cyber security skills.
- Understanding of ICS/OT devices and potential vulnerabilities
- Australian Citizenship and Baseline Clearance
- Applications close 14th June, 24
Applicants new to DFP may be asked to provide additional information including work rights status via a survey link – if requested, we ask that you provide this information in order to expedite your application.
DFP welcomes applications from Aboriginal and Torres Strait Islander people, people with diverse cultural and linguistic backgrounds and people with disability. In addition, DFP will provide reasonable adjustments for individuals with disability throughout the recruitment process. If you identify as a person with disability and require adjustments to the application, recruitment, selection and/or assessment process, please advise via adjustments@dfp.com.au or 1300 337 000 and indicate your preferred method of communication (email, phone, text) so we can keep in touch and meet your accessibility needs.
By clicking 'apply', you give consent that DFP may use your personal information to process your job application and to contact you for future employment opportunities. For further information on how DFP process your personal information please review the DFP Information Collection and Privacy Policy via https://www.dfp.com.au/about-us/policies. Do not submit any sensitive personal information in your resume.