Senior Penetration Tester

2 days ago


Sydney, New South Wales, Australia CareCone Group Full time $120,000 - $180,000 per year

Role: Senior Penetration Tester

Location: Sydney / Melbourne / Canberra

Employment Type: Contract

Duration: 9 months

Must have: Full working rights. No sponsorship available.

Role Overview

The Senior Penetration Tester will lead and execute advanced penetration testing and vulnerability assessment activities across applications, networks, cloud, and infrastructure. This role requires deep technical expertise, hands-on testing skills, and the ability to communicate findings and remediation strategies to both technical and non-technical stakeholders. The Senior Penetration Tester will also mentor junior team members and contribute to the continuous improvement of the company's security testing methodologies.

Key Responsibilities

  • Plan, execute, and report on penetration tests for web, mobile, API, cloud, and infrastructure environments, following industry standards (OWASP, SANS, PTES, NIST).
  • Perform threat modelling, attack surface analysis, and vulnerability exploitation using both manual and automated techniques.
  • Conduct advanced security assessments, including red team exercises, social engineering, and physical security testing as required.
  • Develop and maintain security testing plans, methodologies, and standard operating procedures.
  • Automate penetration and security testing processes where possible.
  • Produce detailed, actionable, and risk-based reports for technical teams and executive management.
  • Consult with application developers, system administrators, and business stakeholders to explain findings and recommend remediation.
  • Mentor and guide junior penetration testers, providing technical direction and quality assurance.
  • Stay current with emerging threats, vulnerabilities, and attack techniques; contribute to internal knowledge sharing and research.
  • Ensure all testing activities are performed with proper legal authorisation and within the agreed scope.

Required Skills & Experience

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
  • 7+ years of hands-on experience in penetration testing and vulnerability assessment of IT systems.
  • Strong expertise in web application, mobile, API, cloud, and infrastructure penetration testing.
  • Proficiency with tools such as Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, Wireshark, and others.
  • Experience with secure code review, threat modelling, and business logic testing.
  • Familiarity with scripting and automation (Python, PowerShell, Bash, etc.).
  • In-depth knowledge of security standards and frameworks (OWASP, SANS, NIST, PCI DSS, ISO
  • Excellent written and verbal communication skills, including report writing and presentation.
  • Relevant certifications preferred: OSCP, OSCE, GPEN, GWAPT, CISSP, CEH, or equivalent.

Desirable Attributes

  • Experience in red teaming, purple teaming, or adversary simulation.
  • Knowledge of DevSecOps and CI/CD pipeline security.
  • Ability to work independently and as part of a global team.
  • Strong analytical and problem-solving skills.
  • Commitment to continuous learning and professional development.

Legal & Compliance

  • All penetration testing activities must be performed with explicit written authorization and within the defined scope.
  • Adherence to all applicable laws, regulations, and client policies is mandatory.

Interested consultants can share their updated resume at

or call

