As a Penetration Tester, known at RAC as a Cyber Security Specialist, you will ensure the effective application of cybersecurity practices and controls, while also playing an active role in identifying and exploiting vulnerabilities through Red Team activities. This hybrid position combines both defensive (Blue Team) and offensive (Red Team) security strategies to strengthen RACWA’s security posture.
This will start as a 1-year maximum-term role.
What will you be doing?
- Executing Red Team Operations: Conducting simulated attacks, exploiting system weaknesses, and testing the effectiveness of security controls to assess RACWA’s preparedness and response capabilities.
- Developing Exploitation Techniques: Identifying new methods for exploiting vulnerabilities in systems, networks, or applications and collaborating with development teams to resolve identified weaknesses.
- Conducting Security Assessments: Reviewing and mitigating results from penetration tests, vulnerability assessments, and simulated attacks on information systems and IT infrastructure to bolster security measures.
- Evaluating Security Procedures: Reviewing security testing procedures, penetration testing methodologies, and risk remediation controls to verify and enhance the security of systems, networks, and application services.
- Providing Cybersecurity Guidance: Advising IT operation teams and business stakeholders using expert cybersecurity domain knowledge and practices to enhance organisational security.
- Implementing Security Controls: Ensuring that agreed information security controls are implemented, monitored, and reviewed regularly to meet regulatory compliance and audit requirements.
- Supporting Security Operations: Driving effective cross-functional team operations and the execution of RAC Group IT security administration processes, integrating findings from offensive security exercises into overall defence strategies.
- Managing Incident Response: Advising on and applying security incident response processes in accordance with endorsed RAC security frameworks and policies to swiftly address potential threats, including responses to Red Team exercises.
What are we looking for in you?
- Red Expertise: Strong understanding of both defensive (Blue Team) and offensive (Red Team) security principles, including risk assessment, penetration testing, threat hunting, and incident response.
- Cybersecurity Experience: Demonstrated experience as an IT security analyst, penetration tester, or Red Team member within a cybersecurity advisory function or Security Operation Centre (SOC).
- Certifications: (ISC)² CISSP certification or Offensive Security Certified Professional (OSCP) is desirable.
- Technical Proficiency: Technical proficiency with both defensive and offensive security-related systems and applications, including penetration testing tools (e.g., Metasploit, Burp Suite), network firewalls, web application firewalls, vulnerability scanning, secure application development practices, and patch management solutions.
- Educational Qualifications: Tertiary qualifications in computer science, information security, or a relevant IT field are mandatory.
What can we offer you?
- Innovative Technology Environment: Work with cutting-edge technologies and be part of a team driving digital transformation across RACWA.
- Growth Mindset Culture & focus on Career Development: Join a team that values personal development and enables continuous learning opportunities, certifications, and career progression within a supportive and growth-focused environment.
- Work-Life Balance: Benefit from flexible and hybrid working arrangements, including temporary remote work options and a focus on work-life balance.
- Impactful Projects: Contribute to high-impact projects or products that directly enhance RACWA's services to its members and the community.
- Diverse and Inclusive Workplace: Be part of an organisation that embraces diversity and inclusion, ensuring a welcoming environment for all employees.
- Employee Wellbeing: Take advantage of a strong focus on employee wellbeing, including mental health support, wellness programs, and fitness incentives.
- Community and Social Responsibility: Engage in meaningful community and social responsibility initiatives that align with RACWA's values and mission.
About RAC
RAC WA is a member-focused organisation dedicated to serving the Western Australian community. Our mission is to create a safer, more sustainable, and connected future for all Western Australians.
RAC values inclusivity, diversity, and flexibility in the workplace. As an Equal Opportunity Employer, we welcome everyone. For assistance during the application process, contact [email protected].
What We Do
At RAC we offer career opportunities that will allow you to give back and make a difference to our members and the WA community. We pride ourselves on employing the highest calibre of people to meet our members’ needs. RAC promotes healthy living and aims to protect the health and safety of employees, members and visitors.
RAC has been a part of the West Australian community since 1905. We are a unique organisation, built by members for members. From our origins as a motoring club, we have grown to a diverse organisation of over 1,400 employees serving more than 1 million members with a range of products and services. RAC’s difference is that we are a membership organisation, which means we don't have shareholders and we reinvest our profits for the betterment of our members and the WA community.
House rules:
We really enjoy receiving your feedback, comments and experiences and enjoy getting the most out of our LinkedIn community. With this in mind, we ask that you stick to the following guidelines:
• Please be polite to other RAC LinkedIn users and treat each other as you would like to be treated.
• Please don’t give out any personal information.
• We cannot allow any inappropriate or offensive language.
• Advertising, spam, selling and links to external shopping sites are not allowed here and will be removed.
• If you want to post a link to another site to illustrate your point, please do not link to sites that require registration in order to view, or any site that prompts an automatic download as these comments will be removed.
• Page admins and the RAC LinkedIn community must be able to easily understand your message. For this reason we can't allow messages which are written in code or a language which isn’t English.
• We reserve the right to de-tag RAC from any posts or photos that we deem inappropriate.
• Please note that repeat offenders may be reported and will be blocked from the LinkedIn page.








