Penetration Testing Stream Lead

Location: Melbourne
Reference: 2986911
Geraint Cooper
Great opportunity for a Penetration Testing Stream Lead to join a leading financial services company.
The role exists to provide technology-based vulnerability detection services incorporating scanning and penetration testing across key assets.
We are looking for an experienced Cyber Security professional to manage a team of 5/6 Penetration Testers. Ideally you will have a background in Penetration Testing but this is not essential.

What you’ll be doing…

  • Define scope of penetration testing objectives and define and drive plans to deliver on that scope, ensuring alignment of plans with the objectives of the Enterprise Security performance unit;
  • Provide direction to NAB’s penetration testing team to ensure outcomes of testing activity align with defined scope and objectives of the Enterprise Security performance unit;
  • Provide direction and consultation to NAB’s asset teams to assist in the understanding and remediation of security test findings, influencing security change at a PU level; coordinate execution of testing plans with asset owners and stakeholders;
  • Work autonomously within Security but evangelise security uplift across technology teams;
  • Build networks and strong working relationships with colleagues to GM level down, and be seen as a trusted provider of penetration testing services and advice;
  • Use excellent communication skills to articulate security testing requirements, outcomes, and recommendations in a business context;
  • Identify team functions/processes/capabilities which can be improved or automated and drive this change;
  • Identify desirable skillsets for the team to acquire and find opportunities for the team to grow.


What you will bring... 

  • Experience defining and delivering complex projects in an enterprise environment
  • A developed awareness of best practice in security and a drive to self-educate in the field
  • Experience working as a consultant, providing guidance and service in an environment of rapid change
  • Proven relationship management experience with suppliers of technology products and services
  • Technical background in at least one core technology or in application development
  • Hands-on experience with security testing
  • Desirable: SSCP or CISSP
  • Desirable: formal delivery certifications such as CSM, PMP, or PRINCE2