Lead critical cyber security initiatives protecting national interests. Use your penetration testing expertise to outsmart real-world adversaries.
30th October, 2025
Contract length: Initial 12 months with two 12-month extension options
Work locations: ACT and VIC | Hybrid working arrangements
Security clearance: Must hold or be able to obtain NV2 or TSPV clearance, and willing to undergo an Organisational Suitability Assessment (OSA)
Key technical skills: Penetration testing, vulnerability assessment, Active Directory exploitation, web application security, and automation scripting
Join a high-performing cyber security team delivering critical national security outcomes. In this role, you will play a pivotal part in safeguarding Australia’s most sensitive systems by identifying vulnerabilities, simulating adversary tradecraft, and strengthening defensive capabilities across government environments. This is a rare opportunity to contribute your expertise to projects of national importance, working alongside some of the brightest minds in cyber defence.
Your duties will include:
Conducting infrastructure and web application penetration testing across classified and unclassified systems
Assessing security controls against the Australian Government’s Information Security Manual (ISM)
Simulating advanced adversary techniques to test prevention and detection capabilities
Identifying and exploiting weaknesses in Microsoft Active Directory and Azure AD environments
Assessing vulnerabilities in web applications and APIs aligned with OWASP Top 10 standards
Developing and automating custom tools to support ongoing assessment activities
Skills and Experience we are looking for:
Minimum 5 years’ experience in infrastructure and/or web application penetration testing
Strong understanding of the Australian Government’s ISM and associated security frameworks
Demonstrated ability to assess, identify, and exploit vulnerabilities in enterprise environments
Experience with scripting and automation tools such as PowerShell, Python, or JavaScript
Relevant professional certifications such as OSCP, GPEN, GWAPT, or equivalent are highly regarded
Experience developing custom security tools and working in classified or enclaved networks
Application Process
If you would like to apply, please contact Deep Ahluwalia on 0413109712 or email Deep.ahluwalia@effectivepeople.com.au