Penetration Tester

We are actively recruiting an experienced Penetration Tester to significantly enhance our security practice focusing on delivering high-assurance offensive security services to both sensitive government and major commercial clientele. This role requires an expert capable of executing sophisticated and targeted testing methodologies including Red Team exercises and focused penetration tests across a diverse range of environments. The scope of technical work will span modern and complex infrastructure traditional and specialized environments. The successful candidate will not only identify and exploit vulnerabilities but must also translate complex technical findings into clear high-quality deliverables. This involves authoring both detailed technical reports for engineering teams and precise executive reports for leadership. A critical element of the role is close collaboration with client security and development teams to guide and validate effective remediation strategies ensuring our clients achieve a demonstrably superior security posture. Key Responsibilities Offensive Security Execution: Plan scope and execute comprehensive penetration tests and Red Team engagements targeting diverse client environments including web applications, APIs, network infrastructure, multi-cloud workloads and specialized systems. Reporting Excellence: Produce high-quality actionable deliverables including detailed technical findings and executive reports that clearly articulate risk severity, exploitability, mitigation steps and checklists. Engagement Governance: Develop clear and strictly ensure all testing activities adhere to documented legal, contractual and operational boundaries. Advanced Testing Techniques: Conduct rigorous vulnerability assessments, manual exploitation, privilege escalation, persistence establishment and simulate real-world threats. Remediation Assurance: Validate the effectiveness of client remediation actions through systematic retesting providing definitive evidence and expert guidance for formal remediation acceptance. Compliance Mapping: Map security findings directly to relevant compliance frameworks including controls and the where applicable. Accreditation Support: Provide critical input derived from testing findings to the support system processes. Assurance Collaboration: Actively collaborate with and client security teams during formal assurance and compliance review activities. Security and Confidentiality: Rigorously maintain confidentiality, chain of custody for evidence and strictly adhere to all client site access and personnel. Team and Tooling Development: Mentor junior security practitioners and contribute to the continuous improvement of internal penetration testing playbooks, methodologies and specialized tooling. Qualifications Demonstrated strong hands-on experience in executing complex penetration testing or Red Team engagements. Proven capability in testing a wide range of environments including web applications and containerized environments. Expert proficiency in manual exploitation, privilege escalation and advanced post-exploitation techniques. Exceptional ability in high-quality technical report writing. Solid scripting skills (Python, Bash, PowerShell) and deep familiarity with standard penetration testing tools. Government Framework Knowledge: Strong foundational understanding of key Australian Government security frameworks including PSPF, ISM, Essential Eight and process. Why join us NCS Australia is where you can feel at home nurturing your talents and skills as we make tomorrow together one day at a time. Our benefits include paid parental leave initiatives focused on your well-being and discounted health insurance. You will also enjoy discounts on various products and services and be regularly recognised and rewarded for high performance. We are committed to your career development through our Capability Fingerprint industry and partner training programs, special interest groups and an AI-driven learning platform. No matter where you are in your career we offer meaningful work and opportunities for growth. Agencies We request that you do not contact NCS employees outside of the Talent Acquisition team. NCS exclusively accepts resumes from agencies on our preferred supplier panel through the NCS Agency Portal. Agencies that submit resumes must have a valid fee agreement and be assigned to the particular requisition by the Talent Acquisition team. Any resumes that are submitted outside of this process will become the sole property of NCS. If a candidate is hired outside of this process no fee or payment will be given. Work Rights and Background Checks To be eligible for a position with us applicants will need to have valid work rights for Australia and be willing to undergo a comprehensive background checking process including probity and police checks. Remote Work: No Employment Type: Full-time We are an equal‑opportunity employer and we take pride in our commitment to valuing and supporting our people and the communities we are dedicated to attracting, retaining and developing our people regardless of gender identity, ethnicity, sexual orientation, disability, and age. Applications are encouraged from all sectors of the community and we strongly encourage applications from the Veterans, Aboriginal and/or Torres Strait Islander community. At NCS Australia we are committed to supporting adjustments throughout the recruitment and selection process as well as during employment. We actively support and encourage people with disability to apply. #J-18808-Ljbffr