15 Penetration Testing jobs in Australia

Consultant Penetration Testing

Job number: Primary position location: VIC- Melbourne CBD Category: Cyber Security Category: Information, Communication & Technology Work type: Permanent Full time Closing at: Sep - 23:55 AEST Favourite

• Bring your experience as a Consultant, Penetration Testing to this rewarding role
• Drive simplification and velocity in delivery through your disciplined execution focus
• You’ll join a high-performing team, backing talented individuals

Our people are customer obsessed. They prioritise the needs and satisfaction of the customer above all else. Our mindset fosters innovation and creates strong, lasting customer relationships as we strive to be the most customer centric company in Australia and New Zealand.

As the Consultant Penetration Testing , you will be part of the Cyber Security team that’s doubling down on customer obsession.

Each day, you’ll go above and beyond to:

• Provide penetration testing services to a wide range of NAB group products and services, identifying security weaknesses and exposures that pose a risk to the enterprise.
• Work with project stakeholders to identify assets and define test scopes by evaluating the breadth and depth on which testing should take place based on varying factors.
• Execute penetration tests, either in a team or individually, to identify vulnerabilities and weaknesses that could impact bank systems; including testing of web applications, mobile applications, web APIs, Infrastructure, Cloud technologies, and hardware.
• Triage vulnerabilities and justify risk in alignment with common vulnerability scoring systems, considering the environment and context.
• Work with larger technical programs across the bank to understand and construct testing requirements;
• Assist with other offensive security activities within the team and self-manage security testing projects from end-to-end.

We’re looking for the best and brightest to deliver the best for our customers. You’ll bring:

• Passion for security and ethical hacking always looking for new tools and techniques to learn about – channelling this passion into penetration testing.
• Proven experience working in a similar Penetration Tester role, ideally within a large complex organisation
• Collaborative approach - enjoy working in a team of like-minded professionals, always looking to work with, learn from, and share knowledge to those around you.
• Understanding of the importance of clearly communicating vulnerabilities and their potential impacts – utilising your written and verbal communication skills to excel at this.
• Experience testing various technologies and platforms, including but not limited to; Web applications, web APIs, mobile applications (iOS, Android), network and server technologies, cloud services (AWS, Azure), and hardware;
• Experience writing and conveying complex security findings through reports;
• Undergraduate (minimum) in technical degree (Computer Science, Software Engineer, Cyber Security)
• Standard Industry certifications such as OSCP, CREST (CRT, CCT) or equivalent.

A diverse and inclusive workplace works better for everyone

We know that our people make us who we are. That's why we have built a culture of equity and respect – where everyone feels valued and appreciated for being their authentic selves. In partnership with our multiple Employee Resource Groups (ERGs) we continue to foster an inclusive environment, where all NAB colleagues’ unique backgrounds and identities are understood, respected and celebrated. We are committed to providing an environment where you can work your way.

For details on the recruitment process, and accessibility, please visit To discuss adjustment requirements, please contact the NAB Careers team, via (please reference job number) or visit our Careers page through the link above for other contact options.

Join NAB

If you think this role is the right fit for you, we would love to hear from you. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert. Unsolicited CVs from agencies will not be accepted.

#LI-DNI

Bring your experience as a Consultant, Penetration Testing to this rewarding roleDrive simplification and velocity in delivery through your disciplined execution focusYou’ll join a high-performing team, backing talentedindividuals

Our people are customer obsessed. They prioritise the needs and satisfaction of the customer above all else. Our mindset fosters innovation and creates strong, lasting customer relationships as we strive to be the most customer centric company in Australia and New Zealand.

As the Consultant Penetration Testing, you will be part of the Cyber Security team that’s doubling down on customer obsession.

Each Day, You’ll Go Above And Beyond To

Provide penetration testing services to a wide range of NAB group products and services, identifying security weaknesses and exposures that pose a risk to the enterprise.Work with project stakeholders to identify assets and define test scopes by evaluating the breadth and depth on which testing should take place based on varying factors.Execute penetration tests, either in a team or individually, to identify vulnerabilities and weaknesses that could impact bank systems; including testing of web applications, mobile applications, web APIs, Infrastructure, Cloud technologies, and hardware.Triage vulnerabilities and justify risk in alignment with common vulnerability scoring systems, considering the environment and context.Work with larger technical programs across the bank to understand and construct testing requirements;Assist with other offensive security activities within the team and self-manage security testing projects from end-to-end.

We’re looking for the best and brightest to deliver the best for our customers. You’ll bring:

Passion for security and ethical hacking always looking for new tools and techniques to learn about - channelling this passion into penetration testing.Proven experience working in a similar Penetration Tester role, ideally within a large complex organisationCollaborative approach - enjoy working in a team of like-minded professionals, always looking to work with, learn from, and share knowledge to those around you.Understanding of the importance of clearly communicating vulnerabilities and their potential impacts - utilising your written and verbal communication skills to excel at this.Experience testing various technologies and platforms, including but not limited to; Web applications, web APIs, mobile applications (iOS, Android), network and server technologies, cloud services (AWS, Azure), and hardware;Experience writing and conveying complex security findings through reports;Undergraduate (minimum) in technical degree (Computer Science, Software Engineer, Cyber Security)Standard Industry certifications such as OSCP, CREST (CRT, CCT) or equivalent.

A diverse and inclusive workplace works better for everyone

We know that our people make us who we are. That's why we have built a culture of equity and respect - where everyone feels valued and appreciated for being their authentic selves. In partnership with our multiple Employee Resource Groups (ERGs) we continue to foster an inclusive environment, where all NAB colleagues’ unique backgrounds and identities are understood, respected and celebrated. We are committed to providing an environment where you can work your way.

For details on the recruitment process, and accessibility, please visit To discuss adjustment requirements, please contact the NAB Careers team, via (please reference job number) or visit our Careers page through the link above for other contact options.

Join NAB

If you think this role is the right fit for you, we would love to hear from you. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert. Unsolicited CVs from agencies will not be accepted.

We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Penetration Testing Manager** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Penetration Testing Manager, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's productivity suite through hands-on testing and cross-team collaboration.
+ You'll ensure teams develop and maintain areas of expertise. You'll expand into new areas of expertise and share best practices across teams.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies. You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 7+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
+ 1+ year(s) people management.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 8+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#pentest #security #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Penetration Testing Manager** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Penetration Testing Manager, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's productivity suite through hands-on testing and cross-team collaboration.
+ You'll ensure teams develop and maintain areas of expertise. You'll expand into new areas of expertise and share best practices across teams.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies. You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 7+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
+ 1+ year(s) people management.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 8+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#pentest #security #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Penetration Testing Manager** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Penetration Testing Manager, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's productivity suite through hands-on testing and cross-team collaboration.
+ You'll ensure teams develop and maintain areas of expertise. You'll expand into new areas of expertise and share best practices across teams.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies. You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 7+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
+ 1+ year(s) people management.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 8+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#pentest #security #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Penetration Testing Manager** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Penetration Testing Manager, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's productivity suite through hands-on testing and cross-team collaboration.
+ You'll ensure teams develop and maintain areas of expertise. You'll expand into new areas of expertise and share best practices across teams.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies. You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 7+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
+ 1+ year(s) people management.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 8+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#pentest #security #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

Team Description:
We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Senior Penetration Testing Specialist** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Senior Penetration Tester, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's security suite through hands-on testing and cross-team collaboration.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies.
+ You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 5+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 6+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#aiPenTest #pentest #securityJobs #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

Team Description:
We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Senior Penetration Testing Specialist** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Senior Penetration Tester, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's security suite through hands-on testing and cross-team collaboration.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies.
+ You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 5+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 6+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#aiPenTest #pentest #securityJobs #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

Team Description:
We are a team in M365 Core called Substrate; we have the massive responsibility and charter to help ensure the security and trustworthiness of M365 product suite. We want to reshape and modernize security to empower every user, customer, and developer with a secure cloud that protects them with end-to-end via our solutions. The M365 Substrate organization accelerates Microsoft's mission via bold ambitions to ensure that our company and industry are securing digital technology platforms, devices, and clouds across our estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
The Security Engineering team within M365 Core helps to identify threats and gaps in the infrastructure that hosts the planet's largest, most influential organizations. We are looking for individuals who are forging the pentest discipline in new and modern ways in the era of AI. The role will encompass a blend of research and testing which we will guide our collective engineering organizations to secure their products in the most uniform and durable solutions possible. This role as a **Senior Penetration Testing Specialist** will provide the opportunity to work on services which are global scale and provide unique experiences which are hard to replicate or find outside of a major SAAS provider.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
**Responsibilities**
As a Senior Penetration Tester, you will conduct offensive security assessments that simulate real-world attacks on M365 products, services, and infrastructure. You will identify vulnerabilities across application, network, and operational domains and collaborate with engineering and security teams to support remediation efforts. This role plays a key part in strengthening the security posture of Microsoft's security suite through hands-on testing and cross-team collaboration.
+ You will decompose work for concurrency/ collaboration. You'll devise more systematic solutions, and spot previously unidentified patterns.
+ You will solve issues systematically and with transparency to customers in technical implementation of solutions related to specific kinds of security issues. You'll begin to develop substantial skills in other kinds of security issues outside areas of expertise.
+ You'll design with long term sustainability and broad applicability in mind, leverage existing solutions, and contribute substantial changes to their improvement. You'll identify and differentiate between solutions to come up with best case solution and start to define policies.
+ You'll help make connections and assist in developing agreements between groups to clarify priorities and identify dependencies.
+ You'll provide coordination across groups, articulate key security issues to teams and upper management, and autonomously drive collaboration across groups.
**Qualifications**
**Required Qualifications:**
+ 5+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
**Other Requirements:**
Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include but are not limited to the following specialized security screenings:
+ **Microsoft Cloud Background Check** : This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
**Preferred Qualifications:**
+ Experience in attacking AI infrastructure and Models.
+ Leveraging AI for attacks and the penetration discipline.
+ Master's Degree in Statistics, Mathematics, Computer Science
+ OR related field
+ OR 6+ years experience in identifying security vulnerabilities, software development lifecycle, large-scale computing, modeling, cyber security, and anomaly detection.
#aiPenTest #pentest #securityJobs #australia #M365CORE
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .