Lead Penetration Testing

Our people are customer obsessed. They prioritise the needs and satisfaction of the customer above all else. Our mindset fosters innovation and creates strong, lasting customer relationships as we strive to be the most customer centric company in Australia and New Zealand. Lead Penetration Tester – Role In this Lead Penetration Testing role, you will: Lead and execute Offensive Security activities across applications, infrastructure, cloud and emerging technologies. Work with business leaders and stakeholders to identify services that meet defined criteria for offensive testing – establishing a pipeline of testing activity. Perform penetration testing and vulnerability assessments, including the triage of security exposures to determine technical risk to the organisation. This includes testing of web applications, mobile applications, infrastructure (ATM’s, handheld card devices, Active Directory, Windows and Linux servers, SOE’s, cloud technologies and hardware). Ensure that the quality of the teams’ work consistently meets the desired levels through technical reviews of penetration testing scopes and reports, enhancement of processes, and mentoring of team members to elevate their skills. Drive process and team skills improvement, helping to evolve the penetration testing function to meet the requirements of a constantly changing technology environment. Provide leadership and guidance to uplift activities in line with the Cyber Security business units’ goals. Qualifications A technical leader with demonstrated in-depth experience working in a Lead Penetration Tester role within a large-scale complex organisation, driving technical excellence and uplift across a security testing function. Passion for security and ethical hacking always looking for new tools and techniques to learn about – channeling this passion into penetration testing. Experience testing various technologies and platforms, including but not limited to web applications, web APIs, mobile applications (iOS, Android), network and server technologies, cloud services (AWS, Azure) and hardware. Experience writing and conveying complex penetration testing findings through reports. A comprehensive understanding of Penetration Testing frameworks and methodologies (OWASP, OSTTMM, WAHH). Completion of undergraduate (minimum) in technical degree (Computer Science, Software Engineering, Cyber Security) and advanced industry certifications such as OSEP, AWAE, CREST CCT, SANS Advanced, or equivalent; and training on self-development platforms (e.g., HackTheBox, Pentester Labs, WechALL, etc.). Strong communication and influencing skills and ability to shape outcomes. Diversity and Inclusion A diverse and inclusive workplace works better for everyone. We know that our people make us who we are. That's why we have built a culture of equity and respect – where everyone feels valued and appreciated for being their authentic selves. In partnership with our multiple Employee Resource Groups (ERGs) we continue to foster an inclusive environment, where all NAB colleagues’ unique backgrounds and identities are understood, respected and celebrated. We are committed to providing an environment where you can work your way. Next Steps For details on the recruitment process and accessibility, please visit To discuss adjustment requirements, please contact the NAB Careers team, via (please reference job number) or visit our Careers page through the link above for other contact options. If you think this role is the right fit for you, we would love to hear from you. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert. Unsolicited CVs from agencies will not be accepted. Job Details Seniority level: Mid‑Senior level Employment type: Full‑time Job function: Quality Assurance Industries: Banking #J-18808-Ljbffr