12 Penetration Testing jobs in Australia

We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Penetration Testing Manager** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Penetration Testing Manager, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's productivity suite through hands-on testing and cross-team collaboration.
+ You'll ensure teams develop and maintain areas of expertise. You'll expand into new areas of expertise and share best practices across teams.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies. You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 7+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
+ 1+ year(s) people management.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 8+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#pentest #security #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .