Senior Security Engineer - Offensive Security

About Us Rabobank is the world’s leading specialist in food & agribusiness banking. One of our key strengths lies in our people who have a deep understanding of agriculture & are committed to adding long‑term value for clients. Our commitment to our employees & clients is at the heart of everything we do.

About the role Rabobank’s Technology Engineering Security Team is on the front line of cyber defence - designing & implementing controls that protect our systems & data. This collaborative team covers Security Architecture, Vulnerability Management, Security Testing, & Red Teaming. The team is now looking for an Offensive Security Engineer in Sydney on a 12‑month fixed term contract.

As Offensive Security Engineer, you will be responsible for delivering high‑impact offensive security testing across applications, infrastructure, cloud environments, & emerging technologies within Rabobank Australia & New Zealand (RANZ).

Top Role Responsibilities & Accountabilities - Partner with business leaders & technology stakeholders to identify systems & services that meet defined criteria for offensive security testing, establishing & managing a prioritised testing pipeline

- Execute offensive security testing pipeline across applications, infrastructure, & cloud platforms (on‑prem & Azure)

- Deliver hands‑on penetration testing & vulnerability assessments, validating exploitability & real business impact

- Support squads by triaging findings from code scanning, helping teams understand what matters & why

- Partner with DevSecOps engineering teams to support shift‑left security by informing, tuning, & validating automated security testing & CI/CD controls based on real‑world offensive findings

- Champion effective remediation by collaborating with engineering, security architecture, secure design, & vulnerability management teams to prioritise findings, provide actionable guidance, validate fixes, & influence secure‑by‑design practices

- Oversee & coordinate testing activity across the Rabobank ANZ region, including external penetration testing schedules

- Produce clear, high‑impact security reports tailored to both technical & non‑technical stakeholders

- Contribute to secure‑by‑design outcomes by feeding findings back into architecture, design, & vulnerability management processes

- Influence the ongoing maturity of the offensive security capability through knowledge sharing, research, & continuous improvement

To Be Successful, you will have: - Strong hands‑on penetration testing & offensive security assessment experience in complex enterprise environments

- Practical understanding of DevOps / CI/CD pipelines, ideally Azure DevOps, with experience embedding security testing (\"shift left\")

- Proven ability to assess & exploit vulnerabilities across: - Web applications & APIs

- Network & server infrastructure (Windows/Linux, AD)

- Cloud platforms (Azure preferred, AWS acceptable)

- Familiarity with recognised frameworks such as OWASP, PTES, OSSTMM, NIST, & MITRE ATT&CK

- Working knowledge of SAST & DAST tools & how they complement manual testing

- Strong written, interpersonal & verbal communication skills

- Proven experience collaborating closely with SOC, engineering, architecture, & vulnerability management teams

Our Values Rabobank Australia values inclusion, belonging, & positive experiences for all. Our work environment, our benefits, & the way we live our values, “Client Driven”, “Responsible”, “Professional” & “Cooperative” make it a great place to work. We welcome applicants from diverse backgrounds.

Please let our Talent Acquisition team know if you need any accommodations to make our opportunities more accessible to you.

#J-18808-Ljbffr