Lead Penetration Testers

Role Title
Lead Security Specialist Vulnerability Assessor (3 roles)

Location
ACT

Working Arrangement
Onsite
Working arrangements are at the discretion of the assigned work area, subject to operational need. Due to the nature of ASD's operations, not all work areas can accommodate working from home.

Clearance required
Must hold Top Secret Positive Vetting.

Company overview
The Australian Signals Directorate (ASD) is a statutory agency in the Defence portfolio that defends Australia against global threats and advances Australia's national interests through the provision of foreign signals intelligence, cyber security and offensive cyber operations as directed by the Australian Government.

Job Description
ASD is seeking experienced Lead Security Specialist Vulnerability Assessors to support critical security outcomes across complex ICT environments. Vulnerability Assessors are responsible for identifying, assessing and prioritising security vulnerabilities, including through penetration testing, and reporting findings to improve security architecture and risk awareness.

Successful candidates must complete ASD's Organisational Suitability Assessment prior to commencement and will be assigned to work areas based on operational requirements.

Duties and Responsibilities

• Lead and conduct forensically sound investigations across ICT security assets and devices
• Assess and clearly articulate complex threat profiles relevant to ASD environments
• Drive analysis to maintain and improve ICT infrastructure integrity
• Provide expert advice on ICT security improvements and risk mitigation
• Review security controls and assess systems for vulnerabilities and associated risks
• Evaluate system designs and provide security-focused recommendations to support secure system integration

Education/Certifications required

• Relevant security certifications supporting penetration testing, vulnerability assessment or threat intelligence activities
• Certifications may include CHECK Team Leader, CREST Certified Tester (Infrastructure or Web Applications), CREST Certified Threat Intelligence Manager, or equivalent

Knowledge/Skills required

• Penetration testing expertise at SFIA Level 5, including planning and governance of testing activities
• Advanced penetration testing and simulated attack experience at CIISEC Level 5
• Ability to provide specialist security advice and leadership consistent with SFIA Level 6
• Strong capability in threat intelligence, threat assessment and threat modelling at CIISEC Level 5
• Experience assessing vulnerabilities, security controls and complex ICT environments

Diversity and Inclusion
ASD is committed to fostering a diverse and inclusive workforce and encourages applications from people with diverse backgrounds, skills and experiences.

Veterans
Defence and Federal Government industry experience is highly desirable. We strongly encourage veterans and individuals with Defence experience to apply. Your unique skills and background are highly valued, and we are committed to supporting your transition into this role.

About Cleared
At Cleared, we provide tailored recruitment solutions to individuals seeking their next opportunity and to organisations searching for talent within Defence Industry, Intelligence and National Security.