Lead Pen Tester

We are seeking motivated Lead Pen Tester (Group Security) to be part of a Big Rocket team that evaluates a wide range of NAB group products and services – to identify security weaknesses and exposures that pose a risk to the enterprise, and work with teams to understand their risk and path to remediation.

Your Job Responsibilities

Technical

1. Work with project stakeholders to identify assets and define test scopes – evaluating the breadth and depth on which testing should take place based on varying factors;
2. Execute penetration tests, either in a team or individually, to identify vulnerabilities and weaknesses that could impact bank systems;
3. Including testing of web applications, mobile applications, web APIs, Infrastructure, Cloud technologies, and hardware.
4. Triage vulnerabilities and justify risk in alignment with common vulnerability scoring systems, considering the environment and context;
5. Report testing results to key project stakeholders in varying formats (i.e. traditional report, bug tickets), including verbal communication;
6. Be involved with internal projects and initiatives to uplift team capabilities;
7. Provide QA reviews for testing scopes and reports from your peers to ensure high quality and accuracy of testing;
8. Work with larger technical programs across the bank to understand and construct testing requirements;
9. Where required, work as an embedded penetration tester on large programs;
10. Assist with other offensive security activities within the team (e.g. red team activity);
11. Self-manage security testing projects from end-to-end;
12. Participate in ‘run the business’ activities, such as maintenance and uplift of the penetration testing environment.

Leadership

1. Maintains and increases motivation within team by regularly checking in on motivation levels, and making adjustments quickly where needed (e.g. QCI, team meeting, team engagement activity).
2. Creates and maintains an equally safe environment for all members of team to ‘test and learn’, share learning, challenge thinking, team development and explore new ideas.
3. Sets effective and meaningful goals and timelines for each team member that supports them to achieve beyond what is expected (e.g. align with Peak performance framework).
4. Provides input to Engineering Manager in making decision of Prioritising and ensuring resources for the right work and making trade-offs between current and future performance to balance immediate goals with longer-term growth for the team.
5. Supports the team to cut through complexity and create clarity by simplifying practices and processes.
6. Be responsible for team engagement & relations.