Offensive Security Specialist

Create impact as an
Offensive Security Specialist.

Join the largest general insurance group in Australia and Aotearoa New Zealand. We're a top-tier ASX-listed company helping to make the world a safer place through creating a stronger and more resilient business and enabling our portfolio of iconic insurance brands

YOUR ROLE
As an Offensive Security Specialist, you'll be at the forefront of safeguarding our organisation's people, information, and assets through delivering innovative offensive security services. Your role involves continuously evaluating and challenging security controls to enhance our security landscape and create a safer digital environment.

Day-to-day, you'll dive into infrastructure and application penetration testing to ensure our systems meet stringent security requirements and uncover any potential vulnerabilities. You'll also immerse yourself in scenario-based technical assessments, mirroring the tactics, techniques, and procedures of real-world threat actors, all aimed at achieving our security objectives.

Beyond assessments, you'll play a pivotal role in driving the entire technical assessment lifecycle, from planning to execution, while also contributing your expertise to shape and refine our technical assessment policies, standards, and procedures.

This is a permanent role open to all major cities in Australia ideally Gadigal Country( Sydney), Naarm ( Melbourne) and Meanjin ( Brisbane)
About You
We're looking for a dynamic and experienced technology risk professionals who thrives in fast-paced, agile environments. The ideal candidate will bring a strong blend of technical expertise, risk knowledge, and a collaborative mindset.

To Be Successful In This Role, You Will Bring

• Experience collaborating in SecDevOps environments or interfacing with development teams to gather security testing requirements, autonomously managing penetration tests, and providing effort estimations.
• Expertise in infrastructure and web application security testing methodologies and frameworks like OWASP, PTES, OSSTMM, and ISSAF.
• Familiarity with OWASP standards such as ASVS (Application Security Verification Standard) and CVSS (Common Vulnerability Scoring System), including the OWASP Testing Guide.
• Technical proficiency in web technologies such as HTML, JavaScript, Java/J2EE, ASP/.NET, PHP, Rest APIs, AngularJS, NodeJS, Bootstrap, etc.
• Proven track record in conducting vulnerability assessment and penetration testing of various platforms including Web Applications, APIs, Mobile, and Network Infrastructure, both on-premise and within cloud environments (e.g., AWS/Azure).
• Develop and execute custom attack scenarios to simulate advanced threat actors.
• Proficiency in working with the Kali Linux environment, as well as Android/iOS environments, including installing/troubleshooting security tools and resolving OS-related issues.
• Capability to set up insecure applications (e.g., OWASP Broken Web Applications) in testing environments to evaluate security tools for application scanning, identifying false positives, and managing remediation processes.
• Working experience in Nessus, Burp Suite Pro, ZAP Proxy, Maltego, Wireshark, SQLMAP and other widely used security tools.
• Penetration testing security certifications such as OSCP / OCSE / CRT / CCT.

Applications close on Monday, 8th September 2025 at 23:59 AEST

Joining IAG you'll have access to a raft of benefits from across the Group:

• Boosted superannuation with 13% as standard
• Up to 50% off personal insurance, including home and motor insurance
• 5 myLeave days per year on top of annual leave
• Work from home and many more flexibility options with myFlex
• Industry-leading 20 weeks paid parental leave, available from the day you start, for both primary and secondary carers
• Dedicated career growth programs, including the award-winning IAG Academy
• employment type eligibility criteria apply

About Us

As part of IAG you'll enjoy a world of career opportunities, a purpose-led place focused on creating connection and belonging, and where you can create meaningful impact every day and grow your career beyond the expected. That's not just words. It's our people promise. We're ready for you with unexpected opportunities for your career, your work-life and your ability to make a difference. We celebrate all viewpoints shaped by life experiences and culture, and are guided by the knowledge and voice of Aboriginal and Torres Strait Islander peoples, businesses, and communities. We collaborate on Indigenous-led solutions that enable growth and create meaningful change for our customers and employees.

We're ready for you. Apply today.

About
Learn more about who IAG is here.