Application Penetration Tester

22/04/2024
24/05/2024
Permanent - Full Time
Sydney
Systems & Technology

Indue offers a range of technology payment solutions, including market-leading financial crime solutions, New Payments Platform, mobile payments and card programs in a B2B market.
Our competitive advantage is based on our commitment to consistently delivering real service, being flexible and innovative, and building strong partnerships with our clients. We value our people because we know our success depends on them. 

Visit our website at www.indue.com.au for more information.

What We Offer

  • Work-life Balance: Flexible working arrangements, ability to work from home and meeting-free Fridays.
  • Career development: Learning & Development programs, study assistance, internal movements and secondment opportunities.
  • Reward & Recognition: Excellent recognition programs appreciating employees’ contributions, service anniversaries and Annual Awards.
  • Culture: Collaborative and inclusive culture, approachable leadership team who provide monthly updates, and regular social celebrations.
  • Wellness: Employee Assistance Program, discounted Health Insurance and ability to purchase additional leave.

Job Description

About the Role
Reporting to the Head of Info Application Penetration Tester plays a critical role in safeguarding Indue’s IT systems and infrastructure by scanning and simulating real-world attacks to uncover weaknesses and vulnerabilities. As the Application Penetration Tester, you will be responsible for undertaking regular penetration testing of internal and external facing applications/systems and IT infrastructure that Indue develops, implements, updates and/or maintains. You will be required to plan, coordinate, execute, track and report on application/system vulnerabilities and implementation of approved mitigation processes/activities.

Furthermore, this role will see you being responsible for improving and educating Indue’s DevSecOps practices by collaboratively building and improving secure and reliable IT applications, systems and infrastructure aligned with Indue's system development lifecycle, working collaboratively with the information security team, project management, product management, enterprise systems, architecture, engineering, testing and quality assurance, and risk management functions.

Responsibilities for the role include:
•    Own, manage, plan, coordinate, and deliver the entire penetration testing and vulnerability management program for Indue aligned with risk appetite, and ISO27001, PCI DSS and other compliance requirements.
•    Be a SME for technical vulnerabilities including penetration testing, static code analysis, and network security, and provide advice, guidance and awareness about good secure practices.
•    Own, follow-up, track, monitor and report on all penetration testing and vulnerability mitigation actions across Indue.
•    Engage and contribute to the system development lifecycle through DevSecOps design, build, testing and support phases and help identify and address vulnerabilities early in the lifecycle saving cost and reducing risk.
•    Regularly maintain, update, and communicate all relevant standards, processes and procedures to relevant stakeholders.

About You
You will have all or the majority of the following skills and attributes:
•    3+ years of experience as a pen tester operating with limited supervision.
•    Hold at least one of the following certifications: OSCP, CREST CCT, SANS GCPN, C|PEN or similar.
•    Experience in security report writing and discussing reports with stakeholders to obtain their buy-in.
•    Good understanding and experience in utilising CVSS standards, OWASP methodologies and Metasploit tooling.
•    Good analytical and problem-solving skills.  

The following experience and qualifications will be highly regarded:
•    A cybersecurity degree and/or relevant tertiary cybersecurity qualification
•    Related cybersecurity certifications such as CEH, CompTIA PenTest+, CISSP, CISM
•    Understanding of other cybersecurity frameworks including NIST, OSSTMM
•    Awareness of information security standard requirements such as ISO27001, PCI DSS, ASD-Essential8/ ASD-ISM

Sounds like you?

Use the 'Apply Now' button below to submit your Cover Letter and Resume, demonstrating your relevant experience for the role.

No agency enquiries - only direct candidates with full working rights in Australia will be considered. Candidates may be requested to complete a criminal history check, qualification check and other background checks as part of our recruitment process.