Principal Cyber Security Pen Tester, Strategy Cybersecurity

**Overview**:
**Work Type**:Ongoing - Full-time

**Salary**: $138,631 - $185,518

**Grade**:VPS 6

**Occupation**:IT and telecommunications

**Location**:Melbourne - CBD and Inner Metro suburbs

**Reference**:VG/DH/EHEALTH/760076

The Department of Health plays a critical role in the Victorian health system and is responsible for shaping it to meet the health needs of all Victorians. We’re focused on
supporting Victorians to be as healthy as they can; whether through alerting them to seasonal risks like thunderstorm asthma, notifying them of contact with
communicable diseases, safeguarding their drinking water, developing the best health, wellbeing and care facilities in the world, being at the forefront of mental health and
wellbeing treatment or accelerating medical research. It’s all part of the way we partner with the community to help every individual lead a healthy life.
**About the role**:

- The Principal Cyber Security - Penetration Testing role will be responsible for conducting penetration testing and vulnerability assessments, in collaboration with the Manager, Enterprise Cybersecurity Operations. The role will lead the development and management of penetration testing and vulnerability assessment activities, including the production of cyber security risk reports with findings and recommendations.
- The role will assist in the implementation of technical risk treatments, regularly review penetration testing tools and services, and update vulnerability configurations. This includes developing new vulnerability assessment schedules as required. The role will also support the implementation of security controls and coordinate their deployment across a range of predominantly cloud-based platforms and environments.
- Additionally, the role will be responsible for performing information security risk assessments, conducting gap analyses, and coordinating security remediation activities across the department.

**About us**:

- At the Victorian Department of Health we want a future where Victorians are the healthiest people in the world. A Victoria where our children and people thrive, our workplaces are productive and safe, and our communities are more connected.
- We see it as our job to support Victorians to stay healthy and safe. And to deliver a world-class healthcare system that ensures every single Victorian can access safe, quality care that leads to better health outcomes for all.

**About you**:
**Do you have experience in?**
- Conduct penetration testing and vulnerability assessments in collaboration with the Manager, Enterprise Cybersecurity Operations.
- Lead the development and ongoing management of penetration testing and vulnerability assessment activities.
- Prepares technical reports at an authoritative level
- Develops briefs on highly complex issues that provide options for decision within an organisation
- Initiates and manages negotiations with peers (internal and external to work unit) to gain commitment to projects, and delivery of activities to meet timelines
- Proficiency with industry-standard penetration testing and vulnerability assessment tools (e.g., Burp Suite, Metasploit, Nessus, Nmap, Kali Linux).

**Qualifications / Specialist Expertise**

**Qualifications**
- A tertiary qualification relevant to ICT, Information Security, or similar would be highly advantageous.

**Specialist Expertise**
- Proven experience in penetration testing, ethical hacking, and vulnerability assessments across complex and cloud-based environments.
- Demonstrated experience in cyber security risk analysis and reporting, including development of mitigation recommendations.
- Proficiency with industry-standard penetration testing and vulnerability assessment tools (e.g., Burp Suite, Metasploit, Nessus, Nmap, Kali Linux).
- Strong understanding of cloud security (Microsoft Azure, AWS), secure coding practices, and system hardening techniques.
- Familiarity with regulatory standards and frameworks such as ISO 27001, NIST, OWASP Top 10, ASD ISM (Information Security Manual), and the Essential Eight.
- Experience coordinating remediation efforts and advising on technical risk treatments across multiple teams or departments- Additionally completed following certifications
- ** CEH** - Certified Ethical Hacker and/or
- ** OSCP** - Offensive Security Certified Professional

**What we offer**:

- The opportunity to per form meaningful work, making direct contributions toward enabling Victorians to be the healthiest people in the world.
- A wide range of growth and development opportunities within the department and wider Victorian Public Service & Sector.
- A strong commitment to work-life balance, including a diverse array of flexible working arrangements.

**How to apply**:

- Applications should include a resume and a cover letter. Click the ‘Apply' button to view further information about the role including key contact details and the advertisement closing date.
- Preferred applicants may be require