Cybersecurity Offensive Security Specialists (Penetration Testing | Red Team | Threat Emulation)

This is a remote position.

We are seeking highly experienced Cybersecurity Offensive Security Specialists to deliver advanced offensive security services. These roles play a critical part in ensuring government systems applications and internal processes remain resilient against sophisticated real-world cyber threats.

This opportunity is best suited to senior practitioners who are comfortable operating in high-trust high-impact environments engaging with complex government systems and responding effectively to short-notice tasking. You will work within the Cyber Prevention team delivering intelligence-driven testing threat emulation and adversarial simulation activities that directly contribute to national security outcomes.

About the Team

The Cyber Prevention function delivers intelligence-informed preventative cybersecurity services including:

• Strategic operational and technical threat intelligence analysis and reporting
  

• Investigation support through trend and pattern analysis
  

• Identification and assessment of vulnerabilities to inform countermeasures and response timeframes
  

• Proactive threat hunting for advanced adversaries capable of evading security controls
  

• Penetration testing of applications and networks to inform risk posture
  

• Threat emulation exercises to assure detection and response capabilities
  

You will collaborate with highly capable cyber professionals in a mission-focused environment where your expertise directly strengthens defensive capability.

Services You Will Deliver

Depending on your technical strengths you will contribute to one or more of the following:

Penetration Testing

• Application and component-level testing of systems and binaries
  

• Identification of exploitable intra- and inter-component vulnerabilities
  

• Validation of security controls supporting accreditation activities
  

Vulnerability Assessments

• Systematic assessment of security controls and configurations
  

• Identification of security deficiencies and risk exposure
  

• Validation of control effectiveness following remediation
  

Red Team Assessments

• End-to-end adversarial simulations based on real-world threat conditions
  

• Assessment of organisational people process and technology defences
  

• Identification of defence gaps and improvement opportunities
  

Purple Team Assessments

• Collaborative exercises integrating Red Team techniques with Blue Team controls
  

• Close cooperation with defensive teams to maximise detection and response capability
  

• Practical uplift of organisational cyber maturity
  

Advanced Threat Emulation

• Intelligence-driven modelling of specific threat actors
  

• Emulation of adversary tactics techniques and procedures (TTPs)
  

• Validation of detection and response effectiveness against known threats
  

Key Responsibilities

• Deliver offensive security testing on an ad-hoc and short-notice basis
  

• Analyse system documentation and technical information to determine testing priorities
  

• Develop and submit Penetration Testing Plans at least 5 days prior to engagement commencement
  

• Execute testing activities in accordance with approved scopes and rules of engagement
  

• Produce clear actionable Penetration Test and Assessment Reports within 10 days of test completion
  

• Support Security Accreditation Framework activities Security Risk Assessments and Security Impact Assessments
  

• Conduct targeted testing to verify the operation of critical security controls
  

• Contribute to knowledge-sharing guided testing and uplift of internal cyber capabilities
  

Requirements

Requirements

Essential Skills and Experience

• Extensive hands-on experience in offensive security penetration testing red teaming or threat emulation
  

• Strong understanding of modern attack techniques tooling and adversary behaviours
  

• Proven experience testing complex enterprise or government systems and environments
  

• Ability to produce high-quality defensible technical reports for senior and technical stakeholders
  

• Strong analytical skills with the ability to translate technical findings into actionable risk outcomes
  

• Experience working within defined scopes rules of engagement and governance frameworks
  

• Ability to operate autonomously and respond effectively to short-notice engagements
  

Technical Competencies (one or more)

• Application security testing (web APIs binaries)
  

• Network and infrastructure penetration testing
  

• Active Directory and identity-based attack techniques
  

• Red Team and adversary simulation operations
  

• Threat actor emulation aligned to real-world intelligence
  

• Purple Team collaboration and detection engineering validation
  

Benefits

Benefits

• Opportunity to work on high-impact national security initiatives
  

• Engagements within a mission-critical government environment
  

• Exposure to complex real-world threat scenarios and advanced adversary techniques
  

• Collaboration with highly skilled cyber professionals across offensive and defensive disciplines
  

• Meaningful work where your expertise directly improves Australias cyber resilience
  

• Competitive engagement-based remuneration aligned with senior specialist capability
  

• Flexible ad-hoc engagement model suitable for experienced practitioners