Hey, Pen Testers. Apart from your bread-and-butter testing (webapps, networks, etc.) which will always form the brunt of the work, eager to hear about the extra cool things you’ll get to sink your teeth into with this consultancy who are genuinely built different (for all the right reasons)? How about…
- IoT devices (fingerprint/biometric scanners, cash machines, etc.).
- Tinkering around with ESP32 chipsets – uploading custom firmware to bypass controls.
- Modifying binary code.
- Robots!!!! For instance, fully automated robotic arms in distribution centres – could a bad guy potentially get the arm to smack someone in the head, causing human injury?
- Genuine, actual, proper red teaming. Ever fancied strolling in off the street, into your client’s target building, under the guise of meeting with the CISO, only to pilfer some data to show that you could (and of course advise the client on how to stop people doing this in the future)?
So, what will your day-to-day look like? The engagements you’ll be performing are risk based. You will absolutely never “go through the motions” of a pen test, because you’ll be deep diving, not approaching a test from a compliance perspective.
Your engagements aren’t time-bound. Why? Because this consultancy has elevated itself to such a position that when it tells its (typically exclusive) clients that a pen test will take however long it takes to do it well, clients accept and trust this.
Clients come to this consultancy because they do things differently. They do things properly. They’re a genuine consultancy, not an audit firm – yes, shots fired! You’ll never be ticking boxes; you’ll be identifying real risk and addressing it.
Why else might you like this business?
- Your work will remain technical and only technical. This business has pre/sales personnel, which means you can focus on what you do best: breaking things.
- You’ll earn 12% superannuation. Yes, 12%, instead of the standard 10.5%. Nice, right?
- Your future pay rises will be crystal clear from day one. That’s right, pay rises. Say goodbye to these “discretionary” annual review chats where your potential salary increases depend on what side of the bed your manager woke up on. Want to be acutely aware of what you need to do to earn an extra $10k in salary? You’ll know. How about the next $10k extra? If you do X, you’ll earn Y. The next $10k? You get it. Point is, the ways to increase your salary are transparent from the get-go.
- WFH anywhere in Australia. If you’re based in Melbourne, the team would love to see you pop into the office a couple times a fortnight, but the takeaway is… WFH. That’s it.
- You’ll receive time and funding to pursue your own security research, which you then share with the team. This is all about trading knowledge and watching that big brain get even bigger.
- This business will match your personal charitable donations, dollar for dollar, to a certain value each year (who said testing was cold & clinical when you can feel this warm & fuzzy?).
- You can expense up to $1000 in mental health expenses per year (this is a business who puts their money where their mouth is when they say they care about your mental health, which they absolutely do).
- You’ll be given interesting, geeky tools for work, research or… just for fun.
- You’ll be joining a business who genuinely do good in the world, via strongly supporting various charities and NFPs, and performing pro-bono advisory work (which you can get involved in).
Got a good few years of testing under your belt, a relevant cert in hand, and are you itching to move into an environment where your work is valued, and one which will genuinely allow you to flex your offensive muscles instead of running through a test because your client is legally mandated to do one? This could be the gig for you.
Know that any application you make is treated with absolute confidentiality. The only people who will know you’ve applied are you and me. Reach out, say hi, and let’s have a chat about YOU.
HOW TO APPLY
Click APPLY and/or contact Michael directly on mpearman@decipherbureau.com for a 100% confidential, informal conversation where your privacy will absolutely be respected.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.