Senior Engineer - Offensive Security [Fixed-Term Contract] (Sydney)

Rabobank· New South Wales· Posted 1h ago· via Talent.com
region Australia
Apply Now

$ cat job-description.txt

About the role Rabobank’s Technology Engineering Security Team is on the front line of cyber defence - designing & implementing controls that protect our systems & data. This collaborative team covers Security Architecture, Vulnerability Management, Security Testing and Red Teaming. The team is now looking for a Security Engineer - Offensive Security in Sydney on a 12-month fixed term contract.

As a Security Engineer - Offensive Security, you will be responsible for delivering high‑impact offensive security testing across applications, infrastructure, cloud environments and emerging technologies within Rabobank Australia & New Zealand (RANZ).

Responsibilities - Partner with business leaders & technology stakeholders to identify systems & services that meet defined criteria for offensive security testing, establishing & managing a prioritised testing pipeline

- Execute offensive security testing pipeline across applications, infrastructure & cloud platforms (on‑prem & Azure)

- Deliver hands‑on penetration testing & vulnerability assessments, validating exploitability & real business impact

- Support squads by triaging findings from code scanning, helping teams understand what matters & why

- Partner with DevSecOps engineering teams to support shift‑left security by informing, tuning & validating automated security testing & CI/CD controls based on real‑world offensive findings

- Champion effective remediation by collaborating with engineering, security architecture, secure design & vulnerability management teams to prioritise findings, provide actionable guidance, validate fixes & influence secure‑by‑design practices

- Oversee & coordinate testing activity across the Rabobank ANZ region, including external penetration testing schedules

- Produce clear, high‑impact security reports tailored to both technical & non‑technical stakeholders

- Contribute to secure‑by‑design outcomes by feeding findings back into architecture, design & vulnerability management processes

- Influence the ongoing maturity of the offensive security capability through knowledge sharing, research & continuous improvement

Qualifications - A minimum of 10 years IT experience

- Strong hands‑on experience conducting penetration testing & offensive security assessments in complex environments

- Demonstrated experience writing transparent, concise & impactful reports that translate technical findings into understandable risks & remediation steps for technical & non‑technical audiences

- Solid understanding of offensive security frameworks & methodologies (e.g., OWASP Testing Guide, OSSTMM, PTES, NIST, MITRE ATT&CK)

- Strong technical communication & collaboration skills, with the ability to work effectively across domains (including SOC, architecture, & vulnerability management) to drive meaningful improvements & remediation outcomes

- Proven ability to identify & exploit vulnerabilities across diverse technologies while collaborating with defensive teams

- Deep passion for ethical hacking & security research; proactively exploring & adopting new tools, techniques, exploits, and methodologies to elevate testing quality

- Broad technical expertise in assessing platforms including (but not limited to) web applications & APIs, mobile (iOS/Android), network/server infrastructure, major cloud providers (AWS, Azure, etc.), & hardware/IoT devices

- General knowledge of SAST (Static Application Security Testing) & DAST (Dynamic Application Security Testing) tooling, & how these complement manual offensive testing in identifying & prioritising vulnerabilities

- Knowledge of secure development practices & DevSecOps principles within the SDLC, including integration of security controls in CI/CD pipelines to support shift‑left security & faster remediation

#J-18808-Ljbffr

first seen 2026-07-09 08:12:01 · last verified 2026-07-09 08:12:01

pentestcareers.com // breach the job market

Get new pentesting jobs in your inbox