Acknowledgement of Country
CSIRO acknowledges the Traditional Owners of the land, sea and waters, of the area that we live and work on across Australia. We acknowledge their continuing connection to their culture and pay our respects to their Elders past and present. View our vision towards reconciliation.
Role highlights
- Lift CSIRO’s cyber maturity by leading high impact security testing capability
- Run threat informed offensive security across a complex environment
- Be the trusted technical lead driving measurable remediation outcomes
About CSIRO
As Australia's national science agency, CSIRO is solving the greatest challenges through innovative science and technology. Many of our iconic innovations were once considered impossible until someone, just like you, joined us and took on the challenge.
Visit CSIRO.au for more information.
The opportunity
CSIRO is seeking an experienced Technical Cyber Security Advisor/ Penetration Testing Lead, to join our Cyber Security Resilience team. This hands-on technical leadership role has no direct reports but is responsible for leading the organisation’s penetration testing function, coordinating penetration testing and red teaming activities, as well as uplifting cyber security capability through mentoring and expert guidance.
The role suits an adaptable and analytical professional with experience delivering complex testing engagements across diverse environments, who can apply threat‑informed testing techniques, including adversary emulation, and translate findings into clear, actionable remediation outcomes.
Working closely with internal stakeholders and external vendors, you will provide high‑quality security advice in a complex environment, supporting measurable improvements in CSIRO’s cyber security maturity under the direction of Cyber Resilience leadership.
High-level duties include:
- Lead the planning and coordination of security testing activities (i.e. penetration testing and red teaming activities), including scheduling, stakeholder alignment, and rules of engagement.
- Perform and oversee penetration tests on web applications, bespoke systems, complex and sensitive infrastructure, and cloud services, ensuring safe execution and minimal operational impact.
- Document, validate and prioritise findings; produce clear, timely reports and briefings that communicate risk, impact, and practical remediation options to technical and non-technical stakeholders.
- Develop and maintain testing methodologies, scoping documents, rules of engagement and repeatable playbooks for environments that do not fit standard IT patterns, including threat-informed and adversary emulation approaches.
- Carry out quality assurance and peer review for testing deliverables, ensuring consistency of evidence, severity ratings, and remediation guidance.
- Stay current with evolving threats, attacker TTPs, and security trends; evaluate and improve tooling and techniques used by the testing function.
- Partner with vulnerability management, cyber architecture/engineering and detection/response teams to validate risk, support remediation, and uplift defensive controls through purple-team style collaboration.
Role particulars
Location and office arrangements: Melbourne (Clayton), Perth (Kensington), Canberra (Black Mountain), Hobart, Brisbane (St. Lucia), Sydney (Marsfield)
Salary: AU$135,571 – AU$158,863 per annum (pro rata for part-time), plus 15.4% superannuation
Tenure & work schedule: Indefinite
Reference: 102720
As the successful candidate, you will bring:
Essential criteria
- 4+ years of hands-on experience in penetration testing (or similar), including coordinating end-to-end engagements (scoping, execution, reporting) and working effectively across multiple stakeholders.
- Understanding of scripting languages such as Python, PowerShell and Bash.
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defence-in-depth).
- Knowledge of application vulnerabilities and experience conducting application vulnerability assessments.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language (PL/SQL) injection and other injection attacks, malicious code).
- Demonstrated experience in penetration testing principles, tools, and techniques.
- Proven capability in executing comprehensive web application testing.
- Demonstrated ability to mentor and uplift junior testers through coaching, structured feedback, and review of technical deliverables.
- Experience designing or delivering threat-informed testing (e.g., attack simulation, adversary emulation, or red team techniques), with a strong focus on safety, authorisation and clear rules of engagement.
- OSCP/GPEN/OSWE/CRTO equivalent certification or relevant industry experience.
- Excellent reporting, presentation and communication skills, including the ability to brief executives, facilitate technical deep-dives, and drive remediation discussions.
Desirable
- Experience with threat hunting, detection engineering, or purple teaming to validate and improve defensive controls.
- Experience performing code analysis services to identify potential security issues.
- Technical experience reviewing the security configuration of on-premises and/or cloud-based enterprise technologies.
- Experience with OT and IoT environments.
- Experience in providing mentoring to cyber security staff.
- Familiarity with:
  - MITRE ATT&CK framework.
  - CVSS 3.1.
- Experience with cyber security frameworks including Australian Government Information Security Manual (ISM), Protective Security Policy Framework (PSPF) and Essential 8 (E8).
For full details about this role, and other criteria, please review the Position Description.
Not sure if you meet all the criteria?
While it is CSIRO policy that the successful candidate must meet all the essential criteria, there are many ways to demonstrate this. Don’t let the list discourage you. If you are unsure about applying, please reach out to the contact person in the Position Description.
Setting you up for success
We are committed to providing a recruitment process that is fair, equitable and accessible to everyone. We recognise that it may be helpful for us to adjust our process to make it equitable for your individual situation. Please contact [email protected] and let us know how we can support you.
Life at CSIRO and flexible work arrangements
We work flexibly at CSIRO, offering a range of options for how, when and where you work. We can discuss flexible work arrangements with you during the recruitment process. CSIRO also offers a range of leave entitlements, benefits and career development opportunities. To find out more, visit Careers at CSIRO.
Inclusion and belonging
Solving Australia's greatest challenges takes a diversity of minds and lived experiences. We know diverse teams are more effective and deliver more innovative outcomes. As an equal employment opportunity organisation, we are committed to creating diverse and inclusive teams where people feel they belong. We recognise true diversity encompasses all ages, abilities, cultures, faiths, levels of education, genders, sexualities, diversity of thought and much more. We focus on hiring people who share our values of People First, Further Together, Making it Real and Trusted.
CSIRO holds Gold Status for the Australian Workplace Equality Index for LGBTQIA+ inclusion, and a Science in Australia Gender Equity Bronze Award.
Eligibility
This is a security assessed position. The successful candidate will be required to obtain and maintain a security clearance at the Negative Vetting 1 level. Appointment to this role is subject to provision of a national police check and may be subject to other security/medical/character requirements.
Child safety
CSIRO is committed to the safety and wellbeing of all children and young people involved in our activities and programs. View our Child Safe Policy.
How to apply
Please apply online and submit a cover letter (maximum 2 pages) and CV that demonstrate your motivation and ability to meet the essential requirements of this role.
Applications close
Wednesday 1st of April 2026, 11pm AEDT