Connecting...

Location
Sydney
Salary
$120000 - $180000 per annum, Benefits: plus bonus
Job Type
Permanent
Ref
BH-167212
Contact
Matthew Canning
Posted
over 4 years ago
Our client is looking for seasoned penetration testers and red teamers with varying levels of experience to attack some of the largest and highest profile companies in the world.

Their Red teams are full scope with limited testing restrictions that provide realistic and high impact results for clients. You will be given the opportunity to execute bleeding edge attacks in a variety of customer settings, including the digital assets some of the world’s most critical infrastructure and major financial institutions.  

Successful candidates will be joining a global team of industry experts who are driven by desire to push the envelope as it relates to security research, innovation and providing clients with realistic simulated cyber-
attacks, the likes of which they have not seen before.

Experience needed:
  • Experience at executing most phases of a kill chain: breaching the perimeter through external/spear phishing attacks, persistence, lateral movement, privilege escalation (local and network), target acquisition, and exfiltration 
  • Experience with command and control frameworks, techniques, and architectures 
  • Payload development and evasion techniques 
  • Proficiency with leading commercial and open source automated reconnaissance and penetration testing tools and services 
  • Proficiency with performing targeted penetration tests without use of automated tools 
  • Client-side code execution 
  • Intimately familiar with networking fundamentals (all OSI layers) 
  • Understanding of application design principals 
  • Knowledge of web application exploitation methodologies
  • Current knowledge of common threats as they relate to specific industries 
  • Ability to read: C, C++, C#, Objective C, PHP, Java, Python, Ruby, etc. 
Nice to haves:
  • Minimum 2+ years of experience performing network and application penetration tests 
  • OSCP or CREST Certified Simulated Attack Specialist (CCSAS)/GIAC Advanced Penetration Tester (GXPN) and CREST Certified Infrastructure Tester (CCT Inf)/Offensive Security Certified Expert (OSCE) 
  • Offensive Security Exploitation Expert (OSEE) 

Please don't hesitate to apply.